Senior Associate/Assistant Vice President, Cybersecurity (Defence & Resilience)

Introduction

You'll be working in the Cybersecurity Department under the Defence and Resilience unit. You will play a critical role of developing and executing a comprehensive cyber resilience programme and establish dynamic platforms for the firm as the cyber centre of excellence, driving cyber awareness and education, and vulnerability detection. Threat landscape is ever evolving and the ability to anticipate, withstand, respond, and evolve that defines the resilience of a company. Building cyber resilience and defence is a strategically important function within Temasek. The implementation of an effective and comprehensive cybersecurity resilience plan and strategy will enable Temasek to be better prepared during a crisis, ensuring prompt recovery and business continuity.
 

Responsibilities

The role will support the CISO in uplifting Temasek’s cybersecurity resilience through development and execution of an effective cyber resilience programme and establishment of new/advanced cyber capabilities to strengthen cyber awareness, enhance cyber readiness and monitoring capabilities, thus driving a culture of cyber resilience across Temasek and its ecosystem. Key responsibility of this role will be to develop and operationalize the threat intel function and deliver value into the various other aspects of cybersecurity including security monitoring and detection, and cyber risk profiling and modelling for the organisation. Candidate will also be supporting the team in the broader areas list below.

• Drive the development and execution of an effective cyber resilience programme to support Temasek’s mission and vision as the organization undergoes increasing digitisation in the face of evolving threats
• Carry out independent review and analysis of cyber threats, alerts, potential gaps and vulnerabilities
• Work closely with the CISO, senior management and business units to organize and run regular cyber exercises and workshops to strengthen crisis communications and incident response, management, and recovery
• Work closely with the CISO and appointed consultants/vendors/providers to support the cyber engineering of threat detection capabilities and fine-tuning of existing cyber use cases
• Introduce engagement forums, community of practices and cyber awareness campaigns including conduct of simulated phishing exercises with internal and external stakeholders to uplift cyber awareness, readiness, and vigilance across Temasek and its ecosystem
• Work closely with Business Units and Technology department to review the effectiveness and adequacies of current business continuity plans, disaster recovery plans, playbooks, backups, and redundancies as well as availability of resources to support a cyber crisis
• Support the establishment of framework and indicators in accordance with overall cyber strategy to continuously assess and measure the cyber resilience profile of Temasek and its ecosystem
• Support conduct of engagement with internal and external stakeholders to enhance overall cyber resilience of Temasek and its ecosystem
• Support and carry out any other tasks as assigned

Requirements

• At least 4 years of relevant information security operations, cyber engineering, threat analysis and/or risk management experience with at least 2 years in managing cyber security operations, conducting cyber threat analysis, threat hunting, IT security testing, and/or incident response
• Bachelor’s degree in Engineering, Information Technology/Security, Cybersecurity, and related field. Professional information security certifications such as CISSP, Certified ethical hacker and relevant GIAC certification will be an advantage
• Possess strong cyber technical background with hands-on experience in cyber threat analysis, incident management, IT security testing and security operations. 
• Prior experience in handling cyber incident, conducting red-teaming, vulnerability assessment, forensic investigation and penetrating testing as well as organization-wide table-top exercises will be an advantage
• Capable of articulating cyber and technical issues in a clear and actionable manner that highlights business risk context for the leadership to make an informed decision
• Highly agile and possess strong cyber domain knowledge across multiple areas (such as SOC/MSS, network, application and infrastructure security, data & information protection, supply chain security, AI and cloud computing security) and has knowledge of cyber regulation and compliance
• Strong communication and interpersonal skills, with proven ability to manage multiple priorities, collaborate across business units and partners to achieve desired end-goals

Soft Skills

• Possess an inquisitive, structured, and logical mind to drive end-to-end strategy development and implementation
• Strong analytical and problem-solving abilities
• Excellent cross-group and interpersonal skills, with the ability to communicate with technical and non-technical teams
• Ability to lead as well as work independently to organize, manage, conduct and complete projects
• Excellent communication, presentation, and advisory skills, capable of engaging senior stakeholders
• Results-oriented, independent, assertive and self-driven