Global Cybersecurity Specialist

About HOYA Surgical Optics (HSO)

HOYA Surgical Optics (HSO) is the globally leading Preloaded Intraocular Lens (IOL) focused company that provides technologies and solutions that exceed expectations, enabling ophthalmic surgeons to focus on restoring sight. We are dedicated to improving the vision and quality of life for millions of people suffering from cataract, and helping them celebrate life visually.

HSO empowers cataract surgeons all over the world with innovative ophthalmic devices and services, with an attention to detail that helps them achieve better surgical outcomes and better practice results. Our commitment to delivering these results is grounded upon a quality management system that is continuously improving to meet changing global regulatory requirements and our entrepreneurial drive to be the brand of first choice.

At HSO, People is the key factor to our success. We aim to create a conducive work environment for our employees around the globe, and to promote an inclusive culture based on our core values – Excellence, Passion, Innovative, Collaboration, and Accountability.

HSO way of working

In fulfilling our roles, we are

• Accountable for our own capabilities and development,
• Focused on delivering results without excuses, and
• Alive to the sensitivities, risk, and impact we have on others and work in a way that helps others do their work effectively.

We are looking for people who

• See beyond themselves and are impact-focused,
• Consider the needs, challenges, and objectives of every person with whom they interact, and
• Exhibit positive reinforcement to help others succeed.

About the role

Job Title: Global Cybersecurity Specialist

Work Location/Site: Singapore, Global Headquarters

Role Overview

The Cybersecurity Specialist is responsible for implementing, managing, and enhancing cybersecurity measures to protect the organization's digital assets and information systems. This role involves assessing security threats, prioritizing risks, implementing security architectures and designs, and continually improving technical solutions to ensure robust protection.

The candidate will ensure compliance with global standards, escalate security issues, and implement projects effectively. 

Duties and Responsibilities

• Conduct comprehensive assessments of internal IT systems to identify vulnerabilities and potential security risks.
• Establish and manage security monitoring tools such as EDR, NDR, Microsoft Sentinel etc. to detect and analyse security risks and threats.
• Lead investigation of security incidents by analysing logs, identifying security issues, and recommending solutions.
• Evaluate and assess the security maturity of third-party vendors, IT products and systems to ensure compliance with the organization's security standards.
• Engage in the enhancement, assessment, and implementation of cybersecurity frameworks in accordance with the NIST Cybersecurity Framework (CSF).
• Monitor and track suspicious network and application behavior, including investigating breaches, gathering evidence, and analysing security log/access reviews.
• Execute security projects such as data classification, DLP, security blueprint, etc... across organizations.
• Create management reporting for cybersecurity evolving threats, organization maturity assessment and initiatives.

Requirements

Experience

Minimum of 10+ years of experience in IT domain (Infrastructure, Network and Security) and at least 5 years in cybersecurity.

Skills/Accreditations 

• Knowledge of common security framework like CIS, NIST CSF, etc.
• Knowledge of regulatory requirements related to cybersecurity (e.g., GDPR, FDA, etc).
• Experience with Microsoft Azure cloud and native security solutions is required.
• Experience with incident response in relation to cyber events is required.
• Experience with SOC (Security Operations Center) teams to monitor and manage security incidents and events in real-time.
• Proficient in using SOC tools and technologies to identify threats, analyse data, and ensure timely response to security incidents.
• Excellent communication skills in English (spoken & written) and ability to explain security risks and controls to technical and non-technical stakeholders.
• Hands-on experience in investigating breaches, gathering evidence, and analysing security log/access reviews is plus.
• Experience with DevSecOps transformation is plus.

Academic Qualifications 

• Bachelor’s degree in computer science or related discipline
• Industry certifications such as CISSP or cybersecurity Subject Matter Expert.

Travel requirements 

• On Demand (less than 10%)