Head of Cyber Resilience

We are seeking an experienced and strategic Head of Cyber Resilience to lead the organisation’s cyber resilience strategy, ensuring the business can anticipate, withstand, respond to, and recover from cyber threats.

职责

The Head of Cyber Resilience will be responsible for developing and executing the enterprise-wide cyber resilience strategy, ensuring alignment with regulatory requirements, organisational risk appetite, and recognised global security standards. The role will oversee incident response and cyber crisis management capabilities, including the design and execution of simulation exercises and readiness testing, to ensure the organisation can effectively respond to and recover from major cyber threats.

This position will also lead cyber-related business continuity and disaster recovery planning, ensuring that critical systems and services meet defined recovery objectives. A key aspect of the role includes orchestrating cyber maturity assessments (e.g., NIST, ISO 27001, CRI) and implementing risk profiling frameworks, KRIs, and remediation tracking to continuously strengthen the organisation’s security posture.

In addition, the Head of Cyber Resilience will drive cybersecurity education, awareness, and training initiatives to enhance employee cyber hygiene and foster a strong culture of security across the organisation. The role will further strengthen resilience across critical third parties through risk assessments and oversight mechanisms, while engaging senior leadership and key stakeholders through regular reporting on cyber posture, emerging threats, and resilience initiatives.

要求：

The ideal candidate will have at least 12-15 years of experience in cybersecurity, with significant exposure to cyber resilience, incident response, risk management, and security governance within a large or regulated environment. A strong working knowledge of recognised frameworks such as NIST Cybersecurity Framework, ISO 27001, CRI, and relevant regulatory guidelines (e.g., MAS TRM) is essential.

Experience conducting cyber maturity assessments, implementing risk profiling methodologies, and reporting KRIs to senior leadership is required. A solid understanding of security education, awareness, and training methodologies, including experiential learning and behavioural change principles, will be highly valued. The role requires strong stakeholder management skills, with the ability to communicate complex technical concepts clearly to both technical and non-technical audiences, including executive and Board-level stakeholders.

申请

If you’re interested to apply or find out more, please share across your CV or reach out to Chen Yi at cy@kerryconsulting.com for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060