SMRT

Manager, Risk Management

Public Transport & Rail Operations | Singapore, SG | Onsite | Posted 1 week ago

About the role

Manager, Risk Management role based on the published job description. Key responsibilities and requirements were extracted directly from the posting for quick review.

Key Responsibilities

  • He/she will also provide support for cybersecurity training and competency to build a strong awareness, ownership and culture.
  • Ensure the organisation's compliance with the security standards and guidelines stipulated in:
      • CSA Cybersecurity Act
      • CSA Cybersecurity Code of Practice for Critical Information Infrastructure (CCoP)
      • Relevant CSA's Guide e.g., Guide to Conducting Cybersecurity Risk Assessment for Critical Information Infrastructure
      • LTA Code of Practice for Cyber Security in MRT Systems (CP8), including Land Transport Cyber Security Incident Management Framework (CSIMF)
      • CSA publications such as Security-by-Design Framework, etc.
  • Manage contracts and deliverables for regulatory CCoP and CP8 audits (2-yearly), Risk Assessment (annually), Vulnerability Assessment (2-yearly) for CII and other contracts as required, and support the conduct of these activities, where required.
  • Manage processes such as waiver request submissions and reviews, and monitor follow-up actions arising from audits, Risk Assessment and Vulnerability Assessment.
  • Support the Policy & Governance team in developing and implementing policies, standards and/or guidelines for managing cybersecurity risks and protecting OT systems against cybersecurity threats.
  • Support the cybersecurity training and competency development programme to build up strong cybersecurity awareness, ownership and culture in SMRT.

Requirements

  • Where required, support the conduct of validation checks to ensure that security control measures are maintained.
  • Where required, support the conduct of cybersecurity exercises such as Table-Top Exercise for CII.

Qualifications & Work Experience

  • Degree in Electrical & Electronics Engineering, Computer Science or equivalent.
  • At least 7 to 8 years of working experience in the engineering field.
  • Cybersecurity-related qualifications and/or certifications such as CISM, CISSP, CEH or CISA are preferred.