Asst Dir, Digital Governance, Technology Delivery & Ops Dept (1 yr contract)
Accounting and Corporate Regulatory Authority
- Singapore
- Contract
- Full-time
- Lead and execute ACRA's digital governance, IT risk management and compliance, ensuring alignment with Whole-of-Government (WOG) directives and industry best practices. • Serve as ACRA's appointed Security Incident Response Officer (SIRO), proactively report all confirmed or suspected cybersecurity incidents, gather evidence for impact and severity assessment, impact assessment of the cybersecurity incident, escalating the incident to relevant authorities, determining appropriate containment and corrective actions, track and coordinate incident responses and submit incident report, updates and post incident inquiry report. • Develop, review and maintain IT and data governance policies, standards and processes to ensure adherence to the Government Instruction Manual for ICT & Smart Systems (ICT&SS). • Drive continuous improvement initiatives for digital governance and operational efficiency, introducing new processes, platforms, or controls where necessary. • Partner with IT and business teams to assess security risks for all new projects and ensure mitigation plans are embedded before deployment to production. • Lead the implementation of cost-effective IT security and data protection solutions to address governance gaps and emerging threats. • Educate staff and vendors on digital governance policies and cybersecurity awareness through workshops, phishing exercises and sharing sessions to enhance vigilance. • Coordinate with central governance teams and external vendors to report, track and close digital governance gaps, meeting KPIs and audit requirements. • Act as an internal independent reviewer to validate IT systems, controls and data projects, ensuring compliance and readiness for production release. • Develop and drive the execution roadmap for enterprise information and security governance, securing stakeholder buy-in and ensuring alignment with ACRA's objectives.
- Professional qualifications in Cybersecurity, Information Security, Computer Science or equivalent. Knowledge of Cloud hosting like Amazon Web Services will be advantageous. • Minimum 8 years of relevant experience in IT governance, risk management, cybersecurity, or related functions. • Proven track record in implementing IT security controls, governance frameworks, and compliance in alignment with public sector or industry standards. • Strong understanding of risk management principles and security standards (e.g., ISO 27001/27002, NIST Cybersecurity Framework, OWASP). • Proactive, quality-conscious, and results-driven team player with strong collaboration skills. • Excellent communication and stakeholder management skills, with the ability to influence and engage across divisions, agencies and vendors. • Ability to think strategically, work independently, and lead cross-functional initiatives.