To support the ACISO in cybersecurity matters, including conducting gap analysis to identify the ICT security risks faced by the SFA, security governance, policies/standards/guidelines, risk management, security awareness, threat and incident management, security during the system development life cycle, security control implementation and cloud security.
WHAT THE OFFICER WILL BE WORKING ON:
Gap Analysis
Conduct gap analysis to identify the ICT security risks faced by the Agency, and gauge the Agency’s ICT security posture and level of maturity against the Ministry Family (MF) ICT security maturity model.
Security Governance
a) Comply with Agency and specific MF security requirements;
b) Collate key security metrics, which will be aggregated at the MF level, and submit the quarterly security scorecard for SFA to GovTech;
c) Put in place and regularly review (annually or whenever there are changes to its business/ICT environment) the security metrics; and
d) Implement the MF’s risk and control program to manage the security posture of the Agency’s systems.
Policies, Standards & Guidelines
Adopt the MF’s ICT security policy baseline and any associated Standards to formulate the Agency’s ICT Security Policy.
Risk Management
a) Perform risk assessments for all ICT systems;
b) Maintain Security Risk Register (to track approved waivers, risk acceptance, corrective action plan); and
c) Ensure residual risks are accepted by the appropriate Agency stakeholders, guided by the Ministry risk appetite statement and within risk tolerance levels.
Security Awareness
Conduct ICT security awareness and education for Agency users (including its IT officers and Third Parties).
Threat & Incident Management
a) Identify and treat risks for all ICT systems, as well as the management of incidents;
b) Implement proper built-in security monitoring to detect, prevent and recover from any security incident for all ICT systems;
c) Investigate ICT security incidents, as required by GovTech for all agencies;
d) Work with GITSIR and provide technical assistance in investigating, resolving and recovering systems from security incidents;
e) Support security incident response workshops and exercises (table-top exercises, simulation and drills); and
f) Conduct the annual Disaster Recovery (DR) exercise to help user representatives verify the integrity of the DR system and technical representatives refresh their familiarity with the recovery process.
Secure Development Lifecycle
a) Ensure that the management and execution of all the Agency’s ICT system development and project management are in compliance with IM8’s security and related security requirements; and
b) Review all the Agency’s security testing reports (Vulnerability Assessments / Penetration Tests / Source Code Review) and ensure mitigation is performed satisfactorily.
Security Controls Implementation
a) Ensure that the management and execution of all the Agency’s ICT systems are operating in compliance with IM8’s security and other security requirements, including:
Account and access management;
Patching, hardening and management of deviations;
Network connectivity to Government networks;
Privileged and remote access user management; and
Logging of key system events and activities to enable incident investigations.
b) Manage the vulnerability assessment, penetration testing and source code scanning of SFA application systems, and work with Application/Infrastructure Managers and vendors to resolve any findings on time.
Key Requirements:
• Experience in cybersecurity operations, risk management, cybersecurity governance.
• Knowledge in Cloud Security is preferred.
• Excellent written and verbal communication, with the ability to influence and communicate effectively with non-technical audiences.
• The officer should have strong analytical and technical problem-solving skills and be adept in vendor management, risk management and incident response management.
• Good conceptualisation skills, with the ability to drive initiatives, and strong management skills.
• Good communication and interpersonal skills; able to work both independently and as a member of a team.
• Inquisitive and an advocate for best practices and continuous learning.
We regret that only shortlisted candidates will be notified for the interview.