FreeHire

Unison Group

Assistant Manager, IT Governance

Show

Jurong Port’s multipurpose port operating expertise includes efficient handling of general, bulk and containerized cargo, management and operations of the Tuas Offshore Marine Centre, and Lighter Terminals in Penjuru and Marina South. Besides Singapore, Jurong Port is involved in overseas joint ventures in China and Indonesia. In 2016, Jurong Port’s local and overseas terminals handled close to 35 million tons of general and bulk cargo, and 560,000 TEUs of container cargo.

The role will support the development, execution, and continuous improvement of IT governance and cybersecurity risk management initiatives. This role plays a critical part in safeguarding the organisation against evolving cyber threats while enabling digitalisation and ensuring compliance with regulatory requirements in the organisation’s efforts in digitalisation.

IT Governance

  • Support the development, implementation, and maintenance of IT & OT governance frameworks, policies, and standards.
  • Apply cybersecurity standards and frameworks (e.g., ISO 27001, NIST, CIS) in governance activities.
  • Prepare and maintain governance documentation, including policies and procedures.
  • Work with IT and business stakeholders to support secure digital transformation initiatives.
  • Understand and evaluate emerging technologies and the cybersecurity risk to the technologies.

Compliance Management

  • Ensure alignment with internal security policies and applicable regulatory requirements. (e.g., Cybersecurity Act 2018)
  • Support internal/external audits and regulatory reviews.
  • Maintain compliance-related documentation and evidence.
  • Coordination with external (regulatory) agencies on cybersecurity and audit matters.

Risk Management

  • Conduct cybersecurity and IT risk assessments for new and existing technology initiatives.
  • Identify, evaluate, and document IT and cyber risks.
  • Recommend and track implementation of risk mitigation controls.
  • Monitor and manage risk exceptions and deviations.
  • Develop, implement, maintain, and improve the risk management framework for IT & OT, make sure it is based on industry best practices and international standards.
  • Track and report cybersecurity risks and key metrics to management.

Cyber Security Oversight and Collaboration

  • Collaborate with IT, security, and business teams to ensure effective implementation of cybersecurity controls.
  • Support evaluation of cybersecurity tools, monitoring practices, and techniques.
  • Communicate risks, issues, and recommendations to stakeholders.
  • Provide consultancy to internal teams to adhere to best practices on project management.
  • Track and report on cybersecurity risks and governance metrics to management.

Educational Qualifications

  • Degree in Information Technology, Cybersecurity, Information Systems, or other relevant field of study.
  • Professional certification such as CGEIT, CISM, CISA, CISSP, CRISC will be an advantage.
  • Project Management certification such as PMP, CAPM, PRINCE2 will be an advantage.

Requirements

  • Minimum 2-3 years of relevant working experience
  • 1–3 years of experience in IT governance, risk management, or cybersecurity
  • Experience supporting audits, compliance reviews, or regulatory engagements will be an advantage.
  • Highly resourceful individual who possess strong analytical skills
  • Added advantage: Well verse in Security Standards such ISO27001, IEC62443 and NIST etc.
  • Added Advantage: Well verse in MITRE ATT&CK framework.
  • Understanding of regulatory requirements (e.g., Cybersecurity Act 2018; local regulatory knowledge is a plus).
  • Exposure to risk assessment methodologies and governance processes.
  • Working knowledge of cybersecurity tools, monitoring, or analysis techniques is advantageous.
  • Able to explain technical ideas to non-technical audience such as Senior Management and other Internal Stakeholders
  • Strong analytical and problem-solving skills with a structured approach to risk identification and assessment.
  • Detail-oriented, systematic, and highly vigilant in identifying potential cyber risks.
  • Good written and verbal communication skills, with the ability to produce clear documentation and reports.
  • Ability to work independently while being a collaborative team player.
  • Keen sense of accountability and professionalism.