Assistant Director/Senior Manager (Cybersecurity Oversight)

[What the role is]
Cybersecurity is a critical pillar of CAAS’ work. To ensure that the Singapore air hub remains safe and secure for air travel, every mission-critical system that supports air hub operations must be well-protected and resilient against rapidly evolving, and increasingly complex, cybersecurity threats.

We are looking for strong and dynamic candidates to be part of the cybersecurity oversight team, within the newly established Cybersecurity and Data Governance Division. As a senior member of the team, you may will be expected to undertake managerial responsibilities for a team of officers. Together, you will carry out cybersecurity oversight of the aviation sector to ensure compliance with regulatory requirements under such as the Cybersecurity Act and associated Cybersecurity Codes of Practice, and develop initiatives to further strengthen the cybersecurity regulatory framework for the aviation sector.

Key responsibilities include:
• Formulate and implement aviation cybersecurity policies and regulations to ensure the cybersecurity resilience of aviation Critical Information Infrastructure (CII) owners and other regulated entities
• Develop and implement cybersecurity oversight programmes to ensure compliance with cybersecurity regulatory requirements by the aviation sector
• Work closely with internal and external stakeholders on cybersecurity resiliency initiatives
• Plan and conduct cybersecurity exercises for the aviation sector to improve operational readiness against a rapidly evolving cybersecurity threat landscape
• Manage and coordinate aviation sector-responses to cybersecurity incidents and threats
• Participate in international meetings and engage key international partners in developing international standards and other collaboration initiatives in aviation cybersecurity; and
• Keep abreast of the latest industry cybersecurity practices and technologies, as well as emerging threats and vulnerabilities, and recommend appropriate controls and solutions for implementation to enhance aviation cybersecurity posture

• Trained in Cybersecurity, Information Security, Information Technology, Computer Science, Engineering (Computing / Telecommunication) or equivalent
• At least 10-15 years of direct and relevant full-time cybersecurity work experience in policy formulation, incident response, and management, regulatory oversight, and compliance
• Possess an active professional certification in Cybersecurity or Information Security from ISACA, (ISC)2 or equivalent will be an advantage
• Strong domain knowledge of information security governance and risk management, controls, vulnerability assessment/penetration testing, compliance, business continuity, investigations, system architecture and design, legal, and industry IT/OT and cyber security best-practices.
• Able to show understanding of the relationship between cybersecurity and the broader business goals and objectives
• Self-motivated and independent, a good team player with well-rounded skillset and can-do attitude
• Able to work with different stakeholders to bring them together to achieve targeted outcomes
• Excellent verbal, written, communication, presentation, and analytical skills
Note: Your appointment designation will commensurate with your relevant work experience. Successful candidates will be offered a 3-year contract in the first instance, and may be considered for placement on a permanent tenure or subsequent contract renewal.

[What you will be working on]

[What we are looking for]