
Lead/Senior Cybersecurity Governance Specialist, CISO Office

Remote / Online - Candidates ideally in Singapore
Listing for: Government Technology Agency
Remote/Work from Home position
Listed on 2026-05-18
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 SGD Yearly
Position: Lead / Senior Cybersecurity Governance Specialist, CISO Office

GovTech is the lead agency driving Singapore’s Smart Nation initiatives and public sector digital transformation.

Responsibilities

The Cyber Security Group (CSG) delivers technical and operational capabilities to counteract cyber threats, providing thought leadership and strengthening the cybersecurity posture of government agencies. Reporting to the Ministry CISO (MCISO), you will be the primary architect of the Ministry’s security governance and risk management framework.

1. Enterprise Risk Governance & Management
  • Establish and oversee a dynamic, living Ministry-wide security risk register that reflects the current threat landscape.
  • Lead high‑level risk conversations with Senior Management and Agency CIOs, translating technical risks into clear business impacts.
  • Develop a robust framework to guide agencies in performing consistent, high‑quality risk analysis, empowering calculated risk taking.
2. Threat Risk Assessment (TRA) & Standards
  • Establish and maintain Ministry-wide standards for conducting Threat Risk Assessments across diverse domains, including Cloud, Web Applications, and OT/ICS systems.
  • Develop SOPs to guide agency project teams in identifying Crown Jewels (Critical Information Assets) and mapping comprehensive threat vectors.
  • Define common security configuration standards that are technically effective in mitigating identified risks.
3. Zero Trust & Architecture Governance
  • Lead the establishment of a Ministry-wide Zero Trust Framework, setting standards for identity‑based security, micro‑segmentation, and continuous verification.
  • Provide expert GRC input during the design phase of high‑impact systems to ensure security‑by‑design and alignment with Ministry standards.
  • Evaluate and recommend security technologies that effectively mitigate specific risks.
4. Supply Chain & Ecosystem Risk Management
  • Establish the framework for managing risks across the software supply chain and IT vendors.
  • Develop standards for assessing the cyber‑resilience of third‑party partners and managing risks associated with software dependencies.
5. Audit Excellence & Systemic Improvement
  • Shift agencies from reactive audit preparation to continuous compliance and readiness.
  • Oversee the closure of audit findings, ensuring substantive, effective technical fixes.
  • Analyze audit trends across the Ministry Family to identify and address systemic weaknesses proactively.
6. Stakeholder Management & Threat Intelligence
  • Partner with Agency CIOs, CISOs, and Project Owners to inculcate a proactive risk‑management mindset.
  • Keep abreast of evolving attacker TTPs and technology changes, periodically reviewing the relevance of existing Ministry‑wide defences.
Requirements

Experience
  • 10–12 years in Cybersecurity GRC, Information Security Risk Management, or Security Architecture.
  • Proven experience managing risks across IT and Cloud environments; exposure to OT systems is a significant advantage.
  • Deep familiarity with Singapore Government security policies and international standards (e.g., NIST, ISO 27001).
Technical Skills
  • Mastery of risk assessment methodologies and ability to translate technical vulnerabilities into business risk.
  • Strong technical understanding of Zero Trust Architecture components and cloud security technologies (Firewalls, EDR, IAM, SIEM, CSPM, CWPP, CASB, secrets management).
  • Ability to map technical controls to the MITRE ATT&CK framework for defensive coverage.
  • Proficiency in manual and automated offensive security testing tools.
  • Professional certifications such as CISM, CRISC, CISSP, OSCP, or OSWE are highly preferred.
Soft Skills
  • Strategic influence and ability to persuade senior stakeholders about rigorous risk governance.
  • Critical thinking to uncover and fix underlying systemic issues beyond surface‑level audit compliance.
  • Lifelong learner passionate about evolving security technologies and cyber‑threat landscapes.
  • Exceptional ability to translate deep technical issues into business risk for non‑technical leaders.
Other Requirements
  • This role is open to Singaporeans only.
Equal Opportunity & Benefits

We are an equal opportunity employer and value diversity. Our employee benefits are based on a total rewards approach, offering a generous leave package and a holistic range of perks. Employees can work from home or onsite as required, and benefit from continuous learning and development opportunities.

Position Requirements
10+ Years work experience