Key Job Purpose

The Regional Cybersecurity Executive (RCE) is responsible to support the Head of Cybersecurity (HOD) in the overall Computer Security Incident Response Team (CSIRT) and Product Security Incident Response Team (PSIRT) operations in the Asia Pacific region, inclusive of, but not limited to, performing cyber incident response management and cyber investigations, conducting awareness training and education, supporting the Company’s cyber compliances, and providing Cybersecurity guidance and expertise to both business operations and the Regional/Local IT teams.

The RCE is responsible to support the HOD to safeguard patient safety and protect Company interest through the formation, adoption, operationalisation and regular review and compliance of the end-to-end framework, policies, procedures and initiatives relating to the cybersecurity and data govenance aspects of the “internet of medical things” or medical devices products and services in the Asia Pacific region.

The RCE is responsible to contribute, lead, drive and manage new global/regional/local cybersecurity program or project initiatives from conceptualisation to post-implementation operations to ensure  successful cybersecurity modernisation efforts of the Company.

The RCE needs to work effectively with internal and external expertise in planning and delivery, and in executing assessments, improvements and roadmaps.

Slide maker stainer

Responsibilities

Lead, Drive and Manage CSIRT and PSIRT Operations for Asia Pacific

  • Lead, drive and manage the overall Cybersecurity lifecycle implementations and operations.
  • Develop security design and review processes.
  • Develop cybersecurity roadmap for security controls for data centre, cloud environment, and company products and services in Asia Pacific.
  • Effectively manage the cybersecurity roadmap based on approved Strategic goals, prioritising across tactical and strategic goals, and align business needs and technical priorities.
  • Develop and maintain cybersecurity architecture, policies, standards and frameworks.
  • Be an advisor and influence internal stakeholders in supporting cyber transformation.
  • Work with stakeholders to ensure compliance to Cybersecurity policies and standards, including monitoring of compliance to the Group/Region/Local and Regulatory standards.
  • Work with development teams on the management of security threats.
  • Collaborate with various internal company teams such as product and services R&D, marketing and customer services teams to prepare the product security documentation.
  • Manage cybersecurity incident response process, including but not limited to, investigation, incident triage, impact assessment, resolution proposal, incident communication, and liaison with external security providers and forensic providers.
  • Identify cybersecurity risks from internal systems and material vendors impacting the confidentiality, integrity and availability of the Company, perform threat assessments of identified vulnerabilities and define solutions to improve the cybersecurity posture to protect the Company’s assets and its ability to perform its mission and objectives.
  • Lead the local/regional business units, global stakeholders and external expertise to ensure security compliance to local regulatory requirements.
  • Work with stakeholders to align and comply to the Group/Region Cybersecurity policies, standards and framework.
  • Communicate, implement, localise and execute implementations of security solutions or projects/programs required to meet business objectives.
  • Develop effective stakeholder relationships across the region and with stakeholders from various levels of the Company.
  • Deliver expert level security advisory to internal stakeholders to secure security investments.
  • Communicate effectively and perform presentations to senior stakeholders on project progress and resolve issues efficiently.
  • Utilise and suggest improvements to the business, information and technical improvement to enhance the security posture of the Company and its products and services.
  • Identify tools, solutions, processes, frameworks and standards to improve overall cybersecurity posture.
  • Manage internal resources and external vendors or expertise effectively to achieve the success of the assigned cybersecurity projects and/or change requests in the region.
  • Prepare and present CAPEX and OPEX budget for cybersecurity projects and operations in the region.
  • Provide timely management reporting to relevant Regional/Group Cyber Management Committee.
  • Other duties as assigned by the HOD.

Requirements

  • Tertiary Education in any discipline, preferably in Cybersecurity, Computeer Science, Computer Technology, medical or healthcare-related degree (or equivalent proven knowledge with work experience in cybersecurity domain)
  • Recent 5-7 years of working experience in medical or healthcare-related field, or in IT and/or Product Cybersecurity experience in a demanding, agile MNC environment with leadership and project cyber management responsibilities.
  • Sound experience in working in a regional MNC RHQ shared services environment.
  • Technically competent and have prior project/program implementation experiences in the Cybersecurity domain such as:
    • Cybersecurity Strategy and Roadmap formulation
    • Cybersecurity Framework, Policies, SOP formulation and enforcement
    • Cybersecurity Program and Project Management
    • Cyber Risk Assessment and Management
    • Cyber Incident Response Management
    • Cyber Awareness and Training
    • Cyber Vulnerability Assessment and Penetration Testing
    • Cyber Prevention
    • Cyber Governance
    • Technical Security of Enterprise Systems and Networks
    • Technical Security of Medical Devices
    • Excellent knowledge in ISO 27001 and NIST Cybersecurity framework
    • Experience in security domains in Data Centre design, Microsoft Azure, AWS and DevOps
  • Strong vendor and stakeholder management is essential for this role.
  • Demonstrate ability to build and maintain relationships with a wide array of people at both junior and senior levels, internal within the organisation or externally across industries.
  • Excellent written verbal communication, presentation and negotiation skills.
  • Prossesses an independent, objective and inquisitive mind.
  • Able to communicate effectively primarily in fluent English language (a second Asian language can be a bonus)
  • A matured technical professional with ability to work independently under pressure and within agreed timelines.
  • Possesses high standards of professionalism, personal discipline and integrity.
  • Resourceful Self-starter.
  • Able to work independently and as a good team player with analytical, management and planning skills.
  • Proactive, dynamic and with good conceptual thinking and problem solving skills.
  • Continuous keeping abreast with latest Cybersecurity Technologies and other industry trends.
  • Must Have: CISSP, CISM, CCSP, CISA or other relevant industry professional cybersecurity certifications
  • Good to Have: Project Management Certification (PMP or PRINCE2)
  • Travel Requirement: Traveling to countries in Asia Pacific region is expected on a need and project basis
clinical chemistry analyzer

ALL APPLICATIONS WILL BE TREATED WITH THE STRICTEST CONFIDENTIALITY

We regret that only shortlisted candidates will be notified.

Send Application