The Cyber Risk Management (CyRiM) Project is a 3-year Public-Private Partnership sponsored by Monetary Authority of Singapore (MAS) to foster an efficient cyber-risk insurance market place by developing cyber loss data and analytics, engaging academic researchers, insurance professionals and IT security experts in the research development. CyRiM will be led by the Insurance Risk and Finance Research Centre (IRFRC), of the Nanyang Technological University, Singapore.
A key outcome of the project will be the establishment and ongoing support of an independent database of cyber-incidents and claims data based in Singapore that will collate data of international scope while also maintaining a focus on Singapore and Asia-Pacific. The database will support the study of cyber risk, identification and mapping of risk drivers, underwriting guidelines, and ultimately the development of benchmark cyber-risk loss models. The collaborative project, including MAS, SCOR, NTU / IRFRC, Nanyang Business School, and will also invite and depend upon the participation of key industry partners to combine knowledge and data. Finally, the project has a large research component requiring a strong link with academia that is achieved at an international level through collaborations with universities world-wide.
You will be expected to lead one or more project work streams on cyber vulnerabilities and threats and cyber security assessment.
To support the creation / selection of definitions of cyber events from the perspective of cyber vulnerabilities and threats and to help bridge the gap between IT domain and business or risk management domains.
Identify and source IT security event data and support integration with market event and loss data
To introduce CERT expertise through integration with established CERT teams to support the project initiatives.
As a member of the core project team you will be expected bring content expertise and management skills to assist in the steering of the project on a day to day basis through discussions and regular scheduled project coordination meetings.
You will be expected to report on the project status and latest results to Project Oversight Board and will be able to converse on the implications of the findings and to discuss high level project steering.
You will be able to effectively and efficiently organize and lead industry working groups and be ready and willing to prepare and facilitate topic specific workshops with results oriented outcome.
You will be able to competently present results and findings to key stakeholders and at conferences or seminars on cyber risk.
At least a PhD, or has extensive experience in IT security, CERT, or similar field
Languages: English – fluently spoken and professional level writing
Broad understanding of enterprise technology security issues.
Broad working knowledge of commonly deployed computer network defense and security assessment tools and processes to include leading vendor solutions.
Ability to brief strategic and technical topics to senior management, technical and non-technical audiences.
Knowledge of current operational challenges and technical threats faced by network security and intelligence organizations.
Familiarity with project planning and management best practices.
Ability to write / create clear, understandable documentation that translates complicated technical processes to a target audience.
Able to effectively lead, organize and motivate a small team
Ability to work independently or within a team with members of varying skill sets and levels.
Willing to travel, only small amount of travel expected
To apply, please send your CV to firstname.lastname@example.org with the indication of the advertisement ID (JOB-2016-0237662) in the subject.
We regret that only shortlisted candidates will be notified.