Cybersecurity Lead

Position Overview:We are looking for a Cybersecurity Lead to join our Information Technology Team. This person will be responsible for driving the improvement of the IT security posture of SBIDM by: engaging with technology stakeholders to proactively identify cybersecurity risks at a detailed and technical level; designing and implementing technical risk mitigating measures; supporting the TRM compliance and ISO 27001 programs of SBIDM; and monitoring and investigating security alerts.Key Responsibilities include (but are not limited to):Identify cybersecurity risks and mitigate them by designing technical risk solutions and working with the appropriate teams to implement them. This includes security risks in SBIDM developed systems, infrastructure, office network etc.Assess and evaluate the IT security aspects and cybersecurity risks of the critical software, tools, systems etc. that SBIDM uses to achieve its business objectives, especially in the context of cryptocurrency. These include: company assets, cloud infrastructure, self-developed software, 3rd party vendors and software service providers etc. to ensure they align with SBIDM’s security and regulatory requirements. Working closely with the project management office to maintain and improve our MAS Technology Risk Management compliance and ISO 27001 certification by: crafting policies and developing key security and technical processes; effectively communicating with auditors, regulators etc. to explain our security posture.Monitor SBIDM systems, investigate cybersecurity alerts and respond to them appropriately while keeping senior management informed of the emerging situation.Creating and conducting IT security training programs for employees of SBIDM.Qualifications and SkillsBachelor’s degree in Information Security, Computer Science, or equivalent.At least 5 years of relevant experience in financial institutions / fintechs.Good appreciation of the enhanced risks of cryptocurrency brings and how to mitigate these risks.Strong understanding of MAS TRM, ISO 27001, CIS or equivalent standards.CISM/CISSP certification or equivalent.Technical experience with using security tools.DevSecOps experience is a plus.Excellent written and verbal communication skills. Especially with respect to senior stakeholders, auditors and regulators.Comfortable with ambiguity and changes in a fast-paced environment.