Deputy Manager / Manager / Senior Manager (Cybersecurity Services)

[What the role is]

Cybersecurity is a critical pillar of CAAS’ work. To ensure that the Singapore air hub remains safe and secure for air travel, every mission-critical system that supports air hub operations must be well-protected and resilient against rapidly evolving, and increasingly complex, cybersecurity threats.

CAAS is looking for a strong and dynamic candidate to be part of the Cybersecurity Services (CSS) Team, under the Cybersecurity Division (CSD). You will develop and implement enterprise-wide processes and programs to strengthen the resilience of CAAS and aviation sector ICT systems. You will promote and enforce security policies and training that prepare CAAS to respond efficiently and effectively to cyber threats. You will also need to identify, design and implement cybersecurity solutions and services across the enterprise.

[What you will be working on]

Security Testing Support:

• Coordinate with CAAS system owners, infrastructure teams and vendors to conduct security testing activities including VAPT and secure coding assessments.

• Oversee the preparation and delivery of security testing reports with remediation recommendations and ensure all vulnerabilities are addressed.

Security Architecture and Design Advisory:

• Provide advisory support to interpret user requirements and guide the translation of business needs into secure technical solutions aligned with organisational policies.

• Support the design of secure systems within development lifecycles by providing guidance on security architectural guidelines and reviewing system security designs.

• Advise on security specifications for system components that address security objectives and functional requirements and provide advisory support for implementing "Security by Design" frameworks throughout development processes.

Technical Security Implementation:

• Support onboarding projects into cloud compliance tools like SHIP-HATS, Vulnerabilities Management System (VMS), providing advisory guidance throughout the process.

• Engage with system owners and vendors to deploy cybersecurity solutions and provide technical advisory support for security tool implementation.

Emerging Technology Security:

• Evaluate quantum computing threats to current cryptographic systems. Plan and implement post-quantum cryptography readiness and migration strategies.

• Stay current with emerging AI security threats and defensive techniques. Evaluate new AI security tools and technologies for organisational adoption. Contribute to AI security best practices and internal training programmes.

Stakeholder Engagement:

• Collaborate with CAAS system owners and development teams to address vulnerabilities, facilitate communication between technical teams and management, and stay current with evolving security practices and emerging threats.

[What we are looking for]

• Degree in Cybersecurity and Information Security preferred. Degree in Information Technology, Computer Science, or Engineering (Computing/Telecommunications), or equivalent professional qualifications can also apply with the relevant experience.

• Minimum eight years of direct cybersecurity experience with expertise in infrastructure security, network security, and enterprise cybersecurity initiatives.

• Strong analytical and problem-solving capabilities, willingness to engage in administrative responsibilities, ability to work in cross-functional teams, and enthusiasm for emerging technologies including AI security and quantum security.

• Active professional certification from ISACA, (ISC)², or equivalent organisations preferred.

• Self-motivated professional with strong team collaboration skills, curiosity and passion for cybersecurity with excellent communication and analytical skills.