[What the role is]
The IT Department (ITD) drives EMA’s digital transformation by delivering secure and innovative IT solutions to enhance organisational effectiveness and enable new capabilities.[What you will be working on]
Responsibilities:
We are looking for a cyber security experienced individual contributor to be the agency Cybersecurity Officer.
Work closely with the Ministry, GovTech, EMA application team, EMA infrastructure team, outsourced vendors and other stakeholders to solicit cooperation, negotiate and resolve problems on all cyber security matters.
Develop, review and implement IT policies, standards and procedures relating to IT Governance and Security in compliance with the Whole-Of-Government (WOG) guidelines.
Work with internal and external IT auditors and outsourced vendors in planning and conducting IT audits, reviews, scans and cybersecurity exercises.
Identify, assess, and mitigate cybersecurity risks across the organization.
Design and deliver Security awareness training programs to employees on best practices for cybersecurity, phishing prevention, password policies, and data protection.
Manage vendors and IT contracts by ensuring contractual obligations are met and projects are successfully delivered.
Respond and investigate Cybersecurity threats and incidents and recommend appropriate course of actions.
Keep abreast of industry and Whole-Of-Government (WOG) IT practices and technologies to improve organisational governance and security posture.
[What we are looking for]
Requirements:
Education in Computer Science, Information Technology, Cybersecurity or related degree.
Minimum 3 to 5 years of direct and relevant full-time working experience in IT Governance and/or Cybersecurity including IT system reviews, information security governance and risk management.
Self-motivated, driven, a good team player and strong ability to multi-task.
Excellent verbal, written communication and interpersonal skills.
Active professional certifications in IT Security or Information Security from ISACA, (ISC)2 or equivalent are preferred (e.g., CISSP, CISM, CISA, CRISC, CEH, etc)
Knowledge of cloud platforms (e.g., AWS, Azure) and experience securing cloud-based infrastructure and services.
Prior experience or knowledge of Government and the Energy Market will be an advantage.
Proven experience in security operations, including threat monitoring, incident response, and the use of security tools and platforms.
Practical experience in IT operations, with a strong understanding of infrastructure, networking, and IT service management principles.