CYBERSECURITY GOVERNANCE AND RISK ASSESSMENT MANAGER, SAFER CYBERSPACE DIVISION, CSA About CSA As Singapore harnesses technology to improve lives and livelihoods for all, it is imperative that our plans are built on a strong foundation of cybersecurity, without which we would be exposing ourselves to the multitude of threats that lurk in cyberspace. The Cyber Security Agency of Singapore (CSA) was formed in 2015 and has been given the task of protecting Singapore’s cyberspace. It is part of the Prime Minister’s Office and is managed by the Ministry of Communications and Information. Responsibilities The Safer Cyberspace Division in CSA focuses on raising the national cybersecurity posture for non-Critical Information Infrastructure (CII) enterprises in Singapore. The division develops national cybersecurity technology programmes that raise the cybersecurity posture in enterprises, in order to enable a safer cyberspace. We are looking for a candidate to oversee the governance and risk assessment of organisations that may be subject to cybersecurity requirements under CSA’s legislative framework.

Responsibilities The Safer Cyberspace Division in CSA focuses on raising the national cybersecurity posture for non-Critical Information Infrastructure (CII) enterprises in Singapore. The division develops national cybersecurity technology programmes that raise the cybersecurity posture in enterprises, in order to enable a safer cyberspace. We are looking for a candidate to oversee the governance and risk assessment of organisations that may be subject to cybersecurity requirements under CSA’s legislative framework. The key areas of responsibilities are as follows: • Manage the governance of organisations that may be subject to cybersecurity requirements under CSA’s legislative framework • Review and evaluate cybersecurity risk assessments submitted by organisations that are subject to cybersecurity requirements under CSA’s legislative framework • Manage cybersecurity incident reporting from organisations that are subject to cybersecurity requirements under CSA’s legislative framework • Manage engagements with such organisations, where relevant, as part of overall account management of these organisations • Develop and manage cybersecurity technology programmes that address the cybersecurity challenges or gaps of organisations that are subject to cybersecurity requirements under CSA’s legislative framework • Before a programme is rolled out: At the conceptualisation stage, responsibilities would involve performing landscape scans and analysis to identify shifts or trends in the cybersecurity landscape, and corresponding gaps in the cybersecurity posture of non-CII enterprises to steer the direction of programmes developed • After a programme is rolled out: Drive and develop levers to support programme adoption – this can include the use of incentives or policy levers • Examples of programmes which the division has rolled out include CSA’s Cyber Essentials and Cyber Trust mark, which are published as national cybersecurity standards in Singapore

Requirements • Background in Computer Science, Cybersecurity, Engineering, Infocomm Technology, or a related field • At least 2 years’ experience in a job function involving cybersecurity risk management – Experience in certification frameworks, such as ISO/IEC 27001 is an advantage • Experience in Chief Information Security Officer (CISO) functions in organisations is an advantage • Strong analytical, investigative and communication skills, both verbal and written • Strong interpersonal and stakeholder management skills • Interest in keeping abreast of regulatory changes and development, as well as cybersecurity risk management frameworks and methodology

About the Cyber Security Agency of Singapore Established in 2015, the Cyber Security Agency of Singapore (CSA) seeks to keep Singapore’s cyberspace safe and secure to underpin our Nation Security, power a Digital Economy and protect our Digital Way of Life. It maintains an oversight of national cybersecurity functions and works with sector leads to protect Singapore’s Critical Information Infrastructure. CSA also engages with various stakeholders to heighten cyber security awareness, build a vibrant cybersecurity ecosystem supported by a robust workforce, pursue international partnerships and drive regional cybersecurity capacity building programmes. CSA is part of the Prime Minister’s Office and is managed by the Ministry of Digital Development and Information. For more news and information, please visit www.csa.gov.sg