Lead, Cyber Defence & Resilience

Mediacorp is Singapore's largest content creator and national media network, operating a suite of TV channels, radio stations, and multiple digital platforms. Its mission is to engage, entertain, and enrich audiences by harnessing the power of creativity.

We are committed to creating an inclusive and diverse workplace where talent thrives. Our hiring decisions are made based on merit and fit-to-role. If you have a disability or special need which requires accommodation to participate in the recruitment process, please inform us when you submit your online application. We will be happy to support as necessary.

Thank you for your interest and application to this role. Please note that only short-listed candidates will be contacted.

As the Lead for Cyber Defence & Resilience, you will lead the end-to-end protection of broadcast and digital media infrastructure by establishing proactive detection, response, and threat mitigation capabilities. You will be responsible for developing and operating advanced threat intelligence, detection engineering, and incident response capabilities to safeguard live broadcasting systems, editorial assets, and viewer-facing digital platforms. You will drive a resilience-focused defence strategy aligned with national critical information infrastructure (CII) requirements and global cybersecurity best practices.

Scope of the role

The major focus of this role is to build and lead the strategic and operational management of our Cyber Defence & Resilience function and ensuring continuous protection of our broadcast, digital media, and corporate environments. You will be responsible for building a resilient threat detection and response ecosystem that will be world class and will protect our most important assets - whilst ensuring that our critical broadcast infrastructure, editorial systems, production workflows, public-facing platforms, and information are securely monitored and protected. Your aim will be frictionless security, enabling the business to achieve their output and uptime goals through cyber resilience services and a strong cyber security culture, whilst delighting the people who use our products.

Responsibilities

Strategy & Leadership

• Define and execute the Cyber Defence strategy aligned with enterprise risk posture, regulatory expectations, and evolving threat landscape
• Build and lead a high-performing team comprising SOC analysts, threat hunters, digital forensics experts, and incident responders
• Collaborate with the CISO, Finance, Legal & Regulatory, Technology, HR, and Communications teams to embed cyber resilience in both IT and broadcast technology environments

Threat Detection & Response

• Lead 24/7 Security Operations Centre (SOC) operations, ensuring timely detection, triage, and mitigation of cyber threats
• Develop detection engineering standards and continuously enhance use cases in SIEM, SOAR, and EDR platforms
• Coordinate incident response efforts for cyberattacks, including ransomware, broadcast signal hijacking, or supply chain compromises

Threat Intelligence & Hunting

• Establish a cyber threat intelligence (CTI) program focused on sector-specific adversaries (e.g., hacktivists, nation-state actors)
• Drive proactive threat hunting and develop hypotheses based on threat actor TTPs (MITRE ATT&CK framework)
• Participate in information-sharing with local and international threat intel communities (e.g., ISACs)

Resilience & Crisis Preparedness

• Oversee cyber playbook development for simulated broadcast disruptions and content manipulation scenarios
• Lead cyber exercises with media ops and crisis management teams, including tabletop and red-blue-purple teaming
• Define metrics and KRIs for mean time to detect (MTTD), respond (MTTR), and recover (MTTRcv)

Governance, Risk & Compliance

• Ensure all cyber defence capabilities are aligned with regulatory standards (e.g., IMDA Broadcast Cybersecurity Code, CSA CCoP, PDPA, etc)
• Contribute to audits, risk assessments, and the implementation of compensating controls
• Ensure secure logging, monitoring, and compliance reporting across hybrid environments

Functional/Leadership Competencies

• Strong analytical, problem-solving and critical thinking skills
• Effective communication and interpersonal skills
• Demonstrated experience in team management and leadership
• Team player who is self-driven and capable to work independently
• Excellent cross-functional and interpersonal skills, with the ability to communicate with technical and non-technical teams
• Willingness to work an on-call rotation and when needs arises

Functional Competencies

• Deep expertise in SIEM/SOAR, EDR/XDR, TI platforms, and log analysis tools
• Strong understanding of threat actor behaviour, kill chains, and MITRE ATT&CK
• Deep understanding of cyber threats relevant to media (e.g., content tampering, broadcast signal interference, ransomware, DDoS) is an advantage
• Strong experience in threat detection, incident response, and SOC operations in hybrid IT/OT environments
• Effective communicator who can engage with executives, regulators, and technical teams

• Bachelor's degree in Cybersecurity, Information Technology, or a related field
• Minimum 10 years of cybersecurity experience, including 5 years in cyber defence or cybersecurity operations leadership roles
• Proven experience defending against advanced persistent threats (APTs), preferably in media, or critical infrastructure, or digital content sectors
• Familiarity with media and broadcasting technologies (e.g., playout systems, digital publishing platforms) is an advantage
• Industry certifications (e.g. CISM, CISSP, OSCP, GCIH, GCFA, GCIA, GPEN, etc.)