IT SECURITY HEAD

A well-established financial institution is seeking for individual to join their Information Technology Team as Information Technology Security Head.

The Head of IT Security will be responsible for developing and implementing a comprehensive IT security strategy to protect the organization’s information assets. This role encompasses oversight of risk management, security operations (including outsourced managed services), and engineering efforts, ensuring compliance with the Monetary Authority of Singapore's (MAS) Technology Risk Management (TRM) guidelines and Outsourced Service Provider Assessment (OSPAR) framework.

Key Responsibilities:

• Security Strategy Development:
  • Develop and implement a robust IT security strategy aligned with organizational goals and compliance with MAS TRM and OSPAR guidelines.
  • Stay current with industry trends and threats, adapting the security posture accordingly.
• Risk Management:
  • Identify, assess, and prioritize security risks across the organization and projects.
  • Develop and implement risk mitigation strategies and security policies in accordance with MAS regulations.
  • Conduct regular risk assessments and security audits to ensure compliance.
• Security Operations:
  • Oversee day-to-day security operations, including monitoring, incident response, and threat management.
  • Manage relationships with outsourced managed service providers, ensuring compliance with MAS OSPAR requirements and service level agreements (SLAs).
  • Lead security incident response efforts, coordinating with relevant stakeholders.
• Engineering Oversight:
  • Collaborate with engineering teams to ensure security is integrated into system design and development processes.
  • Evaluate and implement security technologies to enhance the organization’s security infrastructure.
• Compliance and Governance:
  • Ensure compliance with relevant regulations, standards, and frameworks, including MAS TRM and OSPAR.
  • Develop and maintain security policies, procedures, and documentation that align with regulatory requirements.
• Team Leadership:
  • Lead and mentor the IT security team, fostering a culture of security awareness and continuous improvement.
  • Manage the recruitment, development, and performance of security personnel.
• Stakeholder Communication:
  • Report to senior management on the state of IT security, including risks, incidents, and remediation efforts.
  • Collaborate with other departments to promote security best practices across the organization.

Requirements:

• Education:
  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master’s degree or relevant certifications (CISSP, CISM, CISA) is preferred.
• Experience:
  • Minimum of 10 years experience in IT security, with a focus on risk management, operations, and engineering.
  • Proven experience managing security operations and outsourced services.
• Skills:
  • Strong knowledge of security frameworks, technologies, and best practices, including MAS TRM and OSPAR.
  • Excellent analytical, problem-solving, and decision-making skills.
  • Effective communication and interpersonal skills, with the ability to work with technical and non-technical stakeholders.
• Attributes:
  • Strategic thinker with a proactive approach to security challenges.
  • Strong leadership and team management skills.
  • Ability to adapt to a rapidly changing technology landscape.