SeniorCybersecurityGovernanceSpecialist

[What the role is] GovTech is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT exposure to OT (Operational Technology) systems is a significant advantage. Regulatory Knowledge: Deep familiarity with Singapore Government security policies (e.g., Instruction Manual on IT Management) and international standards (e.g., NIST, ISO 27001). Technical Skills Risk Methodologies: Mastery of risk assessment methodologies (e.g., TVRA) and the ability to translate technical vulnerabilities into business risk. Security Technologies: Strong technical understanding of various Zero Trust Architecture (ZTA) components and cloud security technologies. Such as Firewalls, EDR, IAM, SIEM, CSPM, CWPP, CASB and secrets management etc. Threat Awareness: Ability to map technical controls to the MITRE ATT deep understanding of the MITRE ATT&CK framework and common TTPs. Certifications: Professional certifications such as CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), CISSP, OSCP or OSWE (Offensive Security Web Expert) are highly preferred. Soft Skills Strategic Influence: Ability to educate and persuade senior stakeholders (CIOs/Project Owners) on the importance of rigorous risk governance. Critical Thinking: Ability to look past surface-level audit compliance to find and fix underlying systemic issues. Lifelong Learner: A genuine passion for staying updated on the latest security technologies and evolving cyber threat landscapes. Risk Articulation: Exceptional ability to "translate" deep technical issues (e.g., zero-day vulnerabilities, configuration drifts) into business risk for non-technical senior executives.