GovTech
Government
AgencyChiefInformationSecurityOfficer
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Agency Chief Information Security Officer at GovTech. Skills: Information security management, Cybersecurity governance, Cloud security, Risk management. Lead cybersecurity function. Support digital transformation”
Industry & Context.
Risk assessment; Threat assessment; Root cause analysis
Singaporeans only
What They're Looking For.
Must Have
Degree in Computer Science, 8-10 years management experience, Solid grasp of ICT operations, Solid grasp of security policies, Solid grasp of business processes, Knowledge of security by design, Experience in security by design, Review of system architecture, DevSecOps practices, Infrastructure as Code tools, Securing CI/CD pipelines, Understanding cloud service models, Understanding core cloud services, Understanding modern cloud-native architectures, Identify cybersecurity risks, Assess risk impact, Assess risk likelihood, Evaluate existing controls, Recommend mitigation strategies, Understanding emerging threats, Understanding emerging technologies, Translate risk into business impact, Understanding compliance requirements, Identify potential violations, Communicate cyber security topics, CISSP certification
Nice to Have
Other related certifications, CISM certification, CCSP certification, GCIH certification
What You'll Do.
Lead cybersecurity function
Support digital transformation
Ensure digital resilience
Formulate cybersecurity strategies
Implement cybersecurity strategies
Align with business goals
Enhance risk management
Conduct risk assessments
Consult on risk management
Endorse risk mitigation plans
Govern security posture
Enhance security posture
Maintain ICT asset visibility
Maintain ICT asset oversight
Maintain security architecture visibility
Maintain security architecture oversight
Maintain cybersecurity operations visibility
Maintain cybersecurity operations oversight
Develop incident response plan
Maintain incident response plan
Develop incident response playbooks
Maintain incident response playbooks
Plan security exercises
Design security exercises
Conduct security exercises
Lead incident investigation
Manage ICT security incidents
Provide advisory on technologies
Recommend cybersecurity technologies
Ensure secure by design development
Ensure security control compliance
Develop cybersecurity awareness programmes
Maintain cybersecurity awareness programmes
Develop cybersecurity training programmes
Maintain cybersecurity training programmes
How You'll Work.
Team & Collaboration
Collaborate with stakeholders; Collaborate with agency management; Collaborate with agency project teams; Collaborate with outsourced vendors; Work with multi-functional teams; Work with multi-disciplined teams
Communication Scope
Communicate cyber security topics
Process & Methodology
Risk management
Full Job Description
GovTech supports various Government Agencies in carrying out ICT delivery services and appoints Agency Chief Information Security Officers (ACISO) to oversee information security management within these agencies. The ACISO is a leadership role that requires technical proficiency demonstrated in multiple cybersecurity domains. The role demands knowledge and/or practical experience in most of the domains below: Cybersecurity Governance frameworks, Security Operations including incident response, Architecture design and threat risk assessment, Security Testing. The ACISO must possess technical understanding of both on-premises infrastructure security and cloud security architectures across major platforms (e.g., AWS, Azure, and GCP), including their native security features, identity management systems, and security control implementations. [What you will be working on] Emplaced in public agencies and reporting to the agency’s Chief Information Officer (CIO) and Ministry Family CISO, you will collaborate with various stakeholders (GovTech HQ teams, Agency management, Agency project teams, and outsourced vendors) and will be responsible to: Lead the agency-level cybersecurity function in supporting agency digital transformation initiatives whilst ensuring digital resilience of agency systems. Formulate and implement agency cybersecurity strategies, policies and work plans, ensuring continuous alignment with Ministry Family's business strategic goals Review and enhance risk management through threat-based risk assessments, risk mitigations, risk monitoring and reporting. Provide consultation and endorse risk management and mitigation plans from agency’s project teams. Govern and enhance the agency's security posture by maintaining visibility and oversight of ICT assets, security architectures, and cybersecurity operations code of practices. Develop and maintain incident response plan and playbooks. This involves planning, designing and conduct of security incident respon
Applying for this Agency Chief Information Security Officer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
ANONYMOUS · UNFILTERED
What do employees actually say about GovTech?
Real rants from real employees. Read before you apply.