Associate /Senior Associate, Cybersecurity (Defence & Resilience) (10915) - Singapore - Temasek International Pte Ltd

Description

Overview of the teamYou'll be working in the Cybersecurity Department under the Defence and Resilience unit.

You will play a critical role in developing and executing a comprehensive cyber resilience programme and establishing dynamic platforms for the firm as the cyber centre of excellence, driving cyber awareness and education, and vulnerability detection.

The threat landscape is ever-evolving and the ability to anticipate, withstand, respond, and evolve defines the resilience of a company.

Building cyber resilience and defence is a strategically important function within Temasek.

The implementation of an effective and comprehensive cybersecurity resilience plan and strategy will enable Temasek to be better prepared during a crisis, ensuring prompt recovery and business continuity.

Roles & ResponsibilitiesThe role will support the CISO in uplifting Temasek's cybersecurity resilience through the development and execution of an effective cyber resilience programme and the establishment of new/advanced cyber capabilities to strengthen cyber awareness and enhance cyber readiness and monitoring capabilities, thus driving a culture of cyber resilience across Temasek and its ecosystem.

Drive the development and execution of an effective cyber resilience programme to support Temasek's mission and vision as the organization undergoes increasing digitisation in the face of evolving threatsCarry out independent review and analysis of cyber threats, alerts, potential gaps and vulnerabilitiesWork closely with the CISO, senior management and business units to organize and run regular cyber exercises and workshops to strengthen crisis communications and incident response, management, and recoveryWork closely with the CISO and appointed consultants/vendors/providers to support the cyber engineering of threat detection capabilities and fine-tuning of existing cyber use casesEngage service providers, business partners, and internal stakeholders to plan, evaluate, and conduct IT security testing activities and cyber exercises in a timely, secure, and safe mannerIntroduce engagement forums, the community of practices, and cyber awareness campaigns including the conduct of simulated phishing exercises with internal and external stakeholders to uplift cyber awareness, readiness, and vigilance across Temasek and its ecosystemWork closely with Business Units and the Technology department to review the effectiveness and adequacies of current business continuity plans, disaster recovery plans, playbooks, backups, and redundancies as well as the availability of resources to support a cyber crisisSupport the establishment of framework and indicators in accordance with overall cyber strategy to continuously assess and measure the cyber resilience profile of Temasek and its ecosystemSupport the conduct of engagement with internal and external stakeholders to enhance the overall cyber resilience of Temasek and its ecosystemSupport and carry out any other tasks as assignedRequirements

At least 4 years of relevant information security operations, cyber engineering, threat analysis, and/or risk management experience with at least 2 years in managing cyber security operations, conducting cyber threat analysis, threat hunting, IT security testing, and/or incident responseBachelor's degree in engineering, information technology/security, cybersecurity, and related fields.

Professional information security certifications such as CISSP, Certified ethical hacker, and relevant GIAC certification will be an advantagePossesses a strong cyber technical background with hands-on experience in cyber threat analysis, incident management, IT security testing, and security operations.

Prior experience in handling cyber incidents, conducting red-teaming, vulnerability assessment, forensic investigation, and penetrating testing as well as organization-wide table-top exercises will be an advantage.

Capable of articulating cyber and technical issues in a clear and actionable manner that highlights business risk context for the leadership to make an informed decisionHighly agile and possess strong cyber domain knowledge across multiple areas (such as SOC/MSS, network, application, and infrastructure security, data & information protection, supply chain security, AI, and cloud computing security) and knows cyber regulation and complianceStrong communication and interpersonal skills, with proven ability to manage multiple priorities, and collaborate across business units and partners to achieve desired end goalsSoft Skills

Possess an inquisitive, structured, and logical mind to drive end-to-end strategy development and implementationStrong analytical and problem-solving abilitiesExcellent cross-group and interpersonal skills, with the ability to communicate with technical and non-technical teamsAbility to lead as well as work independently to organize, manage, conduct, and complete projectsExcellent communication, presentation, and advisory skills, capable of engaging senior stakeholdersResults-oriented, independent, assertive and self-driven