We are living in dynamic times - Technology is reshaping how we live, and we want to use it to redefine how financial services are offered. Grab is the leading technology company in Southeast Asia offering everyday services to the masses. Singtel is Asia’s leading communications group connecting millions of consumers and enterprises to essential digital services. This is why we are coming together to unlock big dreams, and financial inclusion for people in our region is just one of them.
What You Will Do
- Establish a clear direction and strategy on risk communication; as well as information/cyber security training, risk awareness and testing.
- Develop, manage and implement information/cyber security awareness and training programmes with the objective to instill and reinforce positive behavior amongst Digibank employees and contractors.
- Ensure information/cyber security training and awareness programme is in line with applicable requirements under Digibank’s Security policy and standards. Training programme and knowledge assessment should be designed in such a way that are effective, measurable and interactive (e.g., gamification).
- Administer delivery of information/cyber security training and awareness programmes via an intuitive and self-service content delivery platform. Training programmes should cover generic (i.e., all employees) as well as targeted / role-based (e.g., privileged users) security requirements.
- Ensure Digibank’s information/cyber security training and awareness programme is updated and supported with latest cyber threats and technological trends. Such programmes should be refreshed annually.
- Evaluate effectiveness of information/cyber security training and awareness programmes via periodic feedback requests to stakeholders.
- Embed information/cyber security training as part of new hire onboarding and internal transfer (leading to a role change) requirements. This covers both generic and role-based training.
- Track, monitor and report/escalate all related KPIs and KRIs including non-completion of information/cyber security training programme, repeated late completion of e-Learning, knowledge assessment outcome, failed phishing tests including click-through rates, etc.
- Collaborate with the Procurement and Legal team to ensure similar information/cyber security training and awareness programmes are embedded as part of our SLA/contract with outsourced service providers; and work with internal Assurance function on third party monitoring requirements.
- Identify common themes and areas of information/cyber security that employees and contractors often struggle with, as reflected through knowledge assessment outcome; and work with relevant Policy teams to enhance clarity of Security policies and standards where applicable.
- Identify industry-level benchmarking opportunities to assess adequacy and effectiveness of our information/cyber security training and awareness (including phishing) programme with our peers and other Neo banks / virtual banks.
- Support CISO in executive-level risk awareness communication to employees, senior management and board members (e.g., security advisories, newsletter, quarterly security insights).
Required Skills and Abilities
- Degree in Communications, Business Administration or Computer Science / Technology-related field.
- Ability to form complex ‘communications and technical messages’ in a simple, clear and concise manner (e.g., ‘headlines’) to the various levels of audience (e.g., employees, senior management, board members).
- Good presentation and communication skills with proficiency in English (both verbal and written).
- Good project management and time management skills.
- Professional information security certification (e.g., CISM, CISMP) is strongly recommended.
- Job type:Internships
Administration, Communications, Computer Science
- Closing Date:16th Dec 2021, 6:00 pm