Kerry Consulting
Head of Cybersecurity and Technology Governance, Risk and Assurance
Job Location
Singapore, Singapore
Job Description
We are seeking a highly experienced and strategic cybersecurity leader to join our client's team as the Head of Cybersecurity Governance, Policy, Risk & Assurance. In this role, you will be responsible for establishing and maintaining the organization's cybersecurity governance framework, risk management practices, policies, and assurance programs. You will work closely with business and technology stakeholders to ensure alignment with industry standards, regulatory requirements, and risk appetite. This is direct, permanent employment with our client, where you will be managing a small team.

Key Responsibilities:

Governance & Policy
- Define and maintain the cybersecurity governance framework, aligning with enterprise risk and compliance programs.
- Develop, maintain, and socialize cybersecurity policies, standards, and guidelines.
- Lead policy governance cycles including stakeholder consultations, review, and approval processes.
- Oversee compliance with internal policies and regulatory requirements (e.g. MAS TRM, ISO 27001, NIST, CSA CCOP).
- Lead the cybersecurity risk management program, including identification, assessment, treatment, and reporting of cyber risks.
- Drive implementation of cyber risk metrics and dashboards for executive and board-level reporting.
- Collaborate with enterprise risk and audit teams to embed cyber risk into wider enterprise risk frameworks.
- Advise business and technology units on control design, residual risk, and exceptions.

Assurance & Audit
- Develop and lead the cybersecurity assurance program including control testing, self-assessments, and control attestation.
- Coordinate and manage internal and external audits, including regulator-driven audits and penetration testing programs.
- Track findings and drive remediation to closure, including reporting to senior stakeholders.

Stakeholder Engagement
- Act as the key liaison to regulators, auditors, and industry bodies on cybersecurity GRC matters.
- Provide expert guidance to senior leadership, IT teams, and business units on policy interpretation, risk decisions, and control expectations.
- Conduct regular awareness and training sessions on cybersecurity governance and responsibilities.

Strategic Projects
- Support the CISO in developing multi-year cyber risk and compliance strategies.
- Partner with Security Architecture, Operations, and Engineering teams to ensure alignment of controls to policies and risk posture.
- Stay abreast of evolving regulatory and industry trends and advise on potential impacts.

Requirements:
- Bachelor's or Master's degree in Information Security, IT, Computer Science, or related field.
- Minimum 10-15 years of experience in cybersecurity, with at least 5 years in leadership roles focused on governance, risk, and compliance.
- Strong knowledge of industry frameworks and standards.
- Familiarity with financial services, healthcare, or critical infrastructure regulatory environments is an advantage.
- Professional certifications preferred: CISA, CRISC, CISSP, CGEIT, CISM, CDPSE, ISO Lead Implementer/Auditor.
- This role is only open to Singaporeans/PR.

To Apply:
If you're keen to explore this opportunity, please share your CV or reach out to Chen Yi at cy@kerryconsulting.com for a confidential discussion. Kindly note that due to the high volume of applications, only shortlisted candidates will be contacted.

Registration No.: R1876389
Licence No.: 16S8060

Seniority level: Director
Employment type: Full-time
Job function: Information Technology
Industries: Information Services
Location: Singapore, Pedra Branca, SG
Posted Date: 7/2/2025
Contact Information
Contact: Human Resources Kerry Consulting