Search Results

Manager / Senior Manager (ICT Governance & Security)

Apply now Agency: Casino Regulatory Authority
Job no.: 551069
Work type: Permanent/Contract
Location: Singapore
Categories: InfoComm, Technology, New Media Communications, Engineering

Casino Regulatory Authority (CRA) was formed in 2008 under the Ministry of Home Affairs to (i) enforce the Casino Control Act; (ii) ensure that the management and operation of casinos in Singapore is and remains free from criminal influence or exploitation; (iii) ensure that gaming in the casinos is conducted honestly; and (iv) contain and control the potential of the casinos to cause harm to minors, vulnerable persons and society at large.

Job Responsibilities

You will be part of a dynamic and innovative team to plan, drive, develop and implement IT security systems / services for CRA. You will:

  • Manage the Infocomm Technology (ICT) governance and security programme including the development, implementation, maintenance and monitoring of the ICT security policies, standards, guidelines and procedures.
  • Conduct risk assessment on application systems and infrastructure to identify and address risk areas and non-compliance to technology information security policies and standards.
  • Manage vulnerability assessment, penetration testing and secure code reviews to ensure identified vulnerabilities are assessed appropriately, and necessary mitigation and remediation measures are implemented timely.
  • Manage and ensure continuous compliance to the ISO27001 certification and Government IMs.
  • Investigate and recommend security technologies and/or controls for weaknesses identified that may potentially jeopardise the security.
  • Provide consultancy and advice on IT security related concepts and technologies to the application, infrastructure and business operation teams. 
  • Manage, facilitate and administer IT security reviews, audits and risk assessments, and to ensure committed action items to audit observations are closed in a timely manner.
  • Manage cyber threat alerts and advisories from GovTech, Government Security Agencies and other relevant sources to ensure prompt dissemination and follow-up.
  • Plan, develop and deploy employee awareness programme to raise general awareness of IT security threats, and educate them on good protection tools and practices against the emerging threats.
  • Monitor, identify and evaluate new security technologies or tools to counter emerging or existing threats
  • Provide risk management reports and metrics and any other ad-hoc management reporting as required.


  • Knowledge in computer science, information systems, electrical engineering or related field.  
  • Experience in project management in deployment or operations of IT Security systems or services.
  • Knowledgeable about security standards like ISO27001.
  • Strong knowledge of security technologies such as enterprise AV, NAC, IPDS, and SIEM. 
  • Certification in CISA, CISM and/or CISSP is a plus.
  • Good in analytical problem solving and troubleshooting skill
  • Good presentation and writing skills, with ability to contextualise technical concepts to general users.
  • Should possess at least 3 years’ experience in Information Technology Security operations or management.

All applicants who are shortlisted for the next round of assessment will be notified within 4 weeks of the closing date of this job posting.

Applications close:

Back to search results Apply now

Share this:

| More
Back To TopTOP