Deputy Director (Oversight and Governance)
CAA-Changi Airport Terminal 2
The Singapore Public Service
[What the role is]
Cybersecurity and data governance is a critical pillar of CAAS’ work. To ensure that the Singapore air hub remains safe and secure for air travel, every mission-critical system that supports air hub operations must be well-protected and resilient against rapidly evolving, and increasingly complex, cybersecurity threats.
CAAS is therefore looking for a strong and dynamic candidate to lead the Cybersecurity Oversight and Governance Branch, in the newly established Cybersecurity and Data Governance Division focused on strengthening and uplifting cybersecurity capabilities in CAAS and across the aviation sector.
You will lead the team in strengthening cybersecurity in the aviation sector and ensuring operational readiness to respond to cybersecurity threats, as well as strengthening ICT and data governance in CAAS.
You will also have opportunities to engage international stakeholders in shaping international standards, and collaboration initiatives on aviation cybersecurity.
[What you will be working on]
Key responsibilities include:
• Leading and ensuring the smooth day-to-day running of the Cybersecurity Oversight and Governance Branch
• Primarily responsible for maintaining and strengthening the cybersecurity posture of CAAS and the aviation sector through active regulation, proactive management, driving awareness and industry engagement.
Cybersecurity Oversight
• Develop and implement cybersecurity oversight programmes to ensure compliance with cybersecurity regulatory requirements by the aviation sector
• Formulate and implement aviation cybersecurity policies and regulations to ensure the cybersecurity resilience of aviation Critical Information Infrastructure (CII) owners and other regulated entities
• Support initiatives through risk management, including performing security risk assessments, and recommending risk treatment and ensure mitigation measures are applied
• Support the Assistant Commissioner, who assists the Commissioner of Cybersecurity under the Cybersecurity Act, in directing and overseeing the critical information infrastructure (CII) in the aviation sector. These duties include identifying CII and to regulate CII owners, managing the CII owners’ compliance with the cybersecurity codes of practice and standards of performance, implementing national cybersecurity initiatives, monitoring cybersecurity threats and responding to cybersecurity incidents
• Participate in international meetings and engage key international partners in developing international standards and other collaboration initiatives in aviation cybersecurity
• Keep abreast of the latest industry cybersecurity practices and technologies, as well as emerging threats and vulnerabilities, and recommend appropriate controls and solutions for implementation to enhance aviation cybersecurity posture
• Manage engagements within the aviation sector, where relevant, as part of overall account management
• Develop and manage cybersecurity technology programmes that address the cybersecurity challenges or gaps of organisations that are subject to cybersecurity requirements under CSA’s legislative framework
• Manage and coordinate aviation sector-responses to cybersecurity incidents and threats
ICT and Data Governance Section
• Review and develop CAAS ICT policies, standards, and processes in line with government IM8
• Work closely with internal stakeholders, such as system owners, to ensure compliance with CAAS ICT policies, standards, and processes
• Manage and coordinate internal and external audits on CAAS systems and processes, and ensure follow-up actions are completed
[What we are looking for]
• Suitable qualifications in Cybersecurity, Information Security, Information Technology, Computer Science, Engineering (Computing / Telecommunication) or equivalent
• Suitable cybersecurity certifications like CISSP, CISM, CISA and SANS will be advantageous
• 10 or more years of direct and relevant full-time cybersecurity work experience in policy formulation, incident response, management, regulatory oversight, and compliance experience in IT and business/industry, with demonstrable leadership experience and responsibilities
• Preferably 5 or more years of experience in large organisations leading cross-functional teams and/or enterprise-wide programs.
• Good analytical, planning, leadership and execution skills
• Expertise in budget planning and financial management
• Strong stakeholder management skills to deal with complex issues; influence internal and external stakeholders to achieve targeted outcomes
• Strong verbal and written communication skills
Note: Your appointment designation will commensurate with your relevant work experience. Successful candidates will be offered a 3-year contract in the first instance and may be considered for placement on a permanent tenure or subsequent contract renewal.
Cybersecurity and data governance is a critical pillar of CAAS’ work. To ensure that the Singapore air hub remains safe and secure for air travel, every mission-critical system that supports air hub operations must be well-protected and resilient against rapidly evolving, and increasingly complex, cybersecurity threats.
CAAS is therefore looking for a strong and dynamic candidate to lead the Cybersecurity Oversight and Governance Branch, in the newly established Cybersecurity and Data Governance Division focused on strengthening and uplifting cybersecurity capabilities in CAAS and across the aviation sector.
You will lead the team in strengthening cybersecurity in the aviation sector and ensuring operational readiness to respond to cybersecurity threats, as well as strengthening ICT and data governance in CAAS.
You will also have opportunities to engage international stakeholders in shaping international standards, and collaboration initiatives on aviation cybersecurity.
[What you will be working on]
Key responsibilities include:
• Leading and ensuring the smooth day-to-day running of the Cybersecurity Oversight and Governance Branch
• Primarily responsible for maintaining and strengthening the cybersecurity posture of CAAS and the aviation sector through active regulation, proactive management, driving awareness and industry engagement.
Cybersecurity Oversight
• Develop and implement cybersecurity oversight programmes to ensure compliance with cybersecurity regulatory requirements by the aviation sector
• Formulate and implement aviation cybersecurity policies and regulations to ensure the cybersecurity resilience of aviation Critical Information Infrastructure (CII) owners and other regulated entities
• Support initiatives through risk management, including performing security risk assessments, and recommending risk treatment and ensure mitigation measures are applied
• Support the Assistant Commissioner, who assists the Commissioner of Cybersecurity under the Cybersecurity Act, in directing and overseeing the critical information infrastructure (CII) in the aviation sector. These duties include identifying CII and to regulate CII owners, managing the CII owners’ compliance with the cybersecurity codes of practice and standards of performance, implementing national cybersecurity initiatives, monitoring cybersecurity threats and responding to cybersecurity incidents
• Participate in international meetings and engage key international partners in developing international standards and other collaboration initiatives in aviation cybersecurity
• Keep abreast of the latest industry cybersecurity practices and technologies, as well as emerging threats and vulnerabilities, and recommend appropriate controls and solutions for implementation to enhance aviation cybersecurity posture
• Manage engagements within the aviation sector, where relevant, as part of overall account management
• Develop and manage cybersecurity technology programmes that address the cybersecurity challenges or gaps of organisations that are subject to cybersecurity requirements under CSA’s legislative framework
• Manage and coordinate aviation sector-responses to cybersecurity incidents and threats
ICT and Data Governance Section
• Review and develop CAAS ICT policies, standards, and processes in line with government IM8
• Work closely with internal stakeholders, such as system owners, to ensure compliance with CAAS ICT policies, standards, and processes
• Manage and coordinate internal and external audits on CAAS systems and processes, and ensure follow-up actions are completed
[What we are looking for]
• Suitable qualifications in Cybersecurity, Information Security, Information Technology, Computer Science, Engineering (Computing / Telecommunication) or equivalent
• Suitable cybersecurity certifications like CISSP, CISM, CISA and SANS will be advantageous
• 10 or more years of direct and relevant full-time cybersecurity work experience in policy formulation, incident response, management, regulatory oversight, and compliance experience in IT and business/industry, with demonstrable leadership experience and responsibilities
• Preferably 5 or more years of experience in large organisations leading cross-functional teams and/or enterprise-wide programs.
• Good analytical, planning, leadership and execution skills
• Expertise in budget planning and financial management
• Strong stakeholder management skills to deal with complex issues; influence internal and external stakeholders to achieve targeted outcomes
• Strong verbal and written communication skills
Note: Your appointment designation will commensurate with your relevant work experience. Successful candidates will be offered a 3-year contract in the first instance and may be considered for placement on a permanent tenure or subsequent contract renewal.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Categories:
Architecture Jobs
Compliance Jobs
Leadership Jobs
Tags: Audits CISA CISM CISSP Compliance Computer Science Governance Incident response Monitoring Risk assessment Risk management SANS Vulnerabilities
Perks/benefits: Travel
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsSecurity Specialist jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsIT Security Analyst jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Information Security Engineer jobsSystems Administrator jobsThreat Intelligence Analyst jobs
GDPR jobsSaaS jobsForensics jobsEncryption jobsMalware jobsTop Secret jobsEDR jobsSDLC jobsSplunk jobsRMF jobsSQL jobsIDS jobsIPS jobsBash jobsCompTIA jobsIntrusion detection jobsDoDD 8570 jobsDocker jobsThreat detection jobsFinance jobsITIL jobsOWASP jobsTCP/IP jobsTerraform jobsActive Directory jobs
VPN jobsCRISC jobsGIAC jobsUNIX jobsClearance Required jobsIT infrastructure jobsBanking jobsSANS jobsJavaScript jobsPolygraph jobsAnsible jobsHIPAA jobsJira jobsDNS jobsMITRE ATT&CK jobsSOX jobsOSCP jobsCCSP jobsData Analytics jobsMachine Learning jobsSOC 2 jobsSecurity strategy jobsSOAR jobsGCIH jobsCISO jobs