Cyber Risk Supervision Specialist

Cyber Risk Supervision Specialist

CYBER RISK SUPERVISION SPECIALIST

FIXED TERM CONTRACT

About the FSC:

The Financial Services Commission (FSC) is an integrated Financial Services regulator. Our mission is to regulate and supervise the Securities, Insurance, Private Pensions and Trust and Corporate Services providers for the protection of their users, thereby enhancing public confidence through the efforts of a competent workforce.

We are seeking individuals who are self-directed, result-oriented, and have a passion for providing excellent service.

The FSC has an immediate opening for the position of Cyber Risk Supervision Specialist.

SUMMARY OF RESPONSIBILITIES

The Cybersecurity Supervision Specialist will support the supervisory function of the Financial Services Commission (the Commission or the FSC) with evaluating the cybersecurity and operational risk management programs for registrants and licensees under the Insurance Act, the Pensions (Superannuation Funds and Retirement Schemes) Act, the Securities Act, and the attendant regulations under the Acts.  

MAJOR ACCOUNTABILITIES

• Lead and contribute to cybersecurity examinations to determine the effectiveness of registrants and licensees’ cybersecurity programme; develop recommendations and lead validation efforts to address identified issues to perform examination work as part of the Commission’s Risk-Based Supervisory Framework for cybersecurity targeted to high-risk areas and institutions, as necessary.
• Lead the examination team to supervise registrants’ and licensees’ management of technology risk, cyber security, electronic financial services, and business continuity planning.
• Provide advice and support to supervision teams in their engagement with regulated entities regarding their cyber resilience, leading discussions with senior management to provide challenges where required.
• Contribute to the FSC’s cyber security supervisory initiatives in support of training, the evolution of its supervision programme, and the development of guidance to enhance the supervision of registrants and licensees.
• Analyze and interpret information to establish priorities and perform testing to help estimate cybersecurity risk and potential impact to the safety and soundness of registrants and licensees and the stability of the financial system.
• Prepare and deliver written analyses and presentations on industry trends and emerging risks that translate potential risk exposures into supervisory implications.
• Keeping abreast of developing security threats, and helping the broad understanding of potential security problems within the supervised community.
• Contributing to the assessment of proposals from licensees for the implementation of new IT products and services including implementation of new technology products; major system deployments; and digital and cybersecurity strategies.

Educational Requirement (s)

• A Postgraduate Degree in Systems Engineering, Computer Science, Computer Engineering, Information Technology, Management Information Systems, Security and Risk Management or Cybersecurity or a related field.
• Relevant professional qualifications and certifications e.g. CISA, CISM, CRISC, CISSP, CSX, Lead auditor ISO 27001, Lead auditor ISO 2230.

Required Experience and Skills

• A minimum of 5 years of Information Security, IT Risk Management, Information System auditing or related work experience.
• Experience of delivering reviews in operational/cyber resilience and cyber/information security.
• Understanding and knowledge of relevant cyber security standards, best practices, and guidelines (e.g. ISO27001, ISO22301, NIST).