Cyber Assurance Manager

The objectives of the Cyber Assurance Manager are to assess and address weaknesses in IT systems and focus on security domains to understand the evolving threat and emerging technologies required to protect Income Insurance. Reporting to the Head of Information Technology Risk & Security (ITRS) department, he/she will have the following responsibilities:

• Manage a vulnerability management program to include ongoing vulnerability and configuration scanning, penetration testing and vulnerability disclosure and software security assessment
• Manage an offensive program to include ongoing breach and attack simulation, cyber range, red teaming and incident response exercise
• Manage the risk assessment and risk treatment of discovered vulnerabilities by assessing the impact of the weakness and the effectiveness of the controls
• Function as a Security Architect to advise on security requirements, and assess and ensure conformance to security architecture
• Keep abreast of new technologies and related risks, industry trends, and regulatory requirements relating to technology, information & cyber security, and advise on the required controls and enhancements to protect our infrastructure and applications

Requirements:

• Degree holder in Information Technology, Information Systems, Computer Science or equivalent
• More than 7 years of experience in technology, information or cyber risk management, or information security in Financial Services Industry
• Familiar with cloud technologies and services, and the required cloud security and risk management framework and controls
• Familiar with regulatory requirements as MAS Technology Risk Management and MAS Cyber Hygiene, statutory requirements as CSA and PDPA, and security standards as CIS, NIST, OWASP and TOGAF
• Experience in leading vulnerability management or security architecture review activities
• CISSP, CCSP, CISM, OSCP or TOGAF certifications will be an advantage