Information Security Governance, Risk
3 weeks ago
Summary
Working as part of the information security office within the IT department at Pacific Prime CXA, the GRC (Governance, Risk and Compliance) Manager will be responsible for leading the day-to-day IT compliance, data governance and IT risk management functions. Primary responsibility will include defining, creation, management and maintenance of IT and organizational policies and standards in support of legal and regulatory compliance needs as well as general IT and organizational information security controls and practices.
Responsibilities
- Establishing corporate information security policies, standards, guidelines, baselines and practices that protect the integrity and confidentiality of information and network infrastructure.
- Develop procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
- Proactively identify audit and compliance related issues to reduce the risk of security exposures, gaps in the design and operating effectiveness of controls whilst seeking opportunities for continuous improvement.
- Driving IT security programs in line with internal and external standards and ensuring compliance with in-country regulatory requirements.
- Maintaining oversight to enterprise-wide security technologies, actively monitoring & responding to security events.
- Develop and maintain standards and controls to ensure the protection of data based on classification.
- Work directly with business units to identify critical data and ensure appropriate data classification and protection standards are implemented.
- Manage the attestation program for all IT controls to support assurance and alignment across all information security stakeholders.
- Support internal and external audit process for relevant compliance concerns including PDPA, GDPR, MAS TRM, ISO27001, etc.
- Perform and evaluate information security risk assessments for various information systems and processes, including annual penetration tests.
- Develop, monitor, track and report against IT Security metrics and KPIs that help the IT Infra understand threats, vulnerabilities and risks associated with protecting information across the enterprise and plans to mitigate those risks.
- Develop and maintain the IT Risk Register to support ongoing tracking and management of all identified risks and issues and to ensure adequate and timely resolutions to all audit/review issues relating to security.
- Lead the development and operation of third-party vendor risk assessment, management and due-diligence program.
- Conduct client meeting and drive all the questions arising from client relationship teams. This includes completing client’s info security questionnaires and liaising with clients on all such requirements within tight deadlines.
- Formulate, lead and communicate security goals and objectives based on an integrated understanding of business priorities, security vision and strategy.
- Providing security related support to IT and business team users and facilitate recommendations on future technical trends/directions that encompass multiple systems and teams to meet business critical initiatives.
- Point of contact to assist and advise on Information Security related matters
Requirement
- BSc in Computer Science or equivalent; with 5+ years of relevant working experience in IT governance, risk, and compliance management.
- ISACA / CISM / CISSP Certification.
- Strong understanding of fundamental information security concepts and technology.
- Familiarity with ISMS and security frameworks, particularly NIST Cybersecurity Framework.
- Understanding of Information Security principles, IT infrastructure (including operating systems, applications, communications and network protocols), architecture elements of Identity Access Management (IAM), network security, data security/DLP, cryptography, logging and monitoring.
- Experience in security design, threat modelling and risk assessments.
- Candidate should be fully aware of the current and emerging security solutions available in the industry.
- Ability to be self-motivated, flexible and be able to drive and manage multiple tasks and priorities on very tight deadlines in a fast paced and rapidly changing environment.
- Strong interpersonal and collaboration skills with the ability to develop, maintain and foster constructive relationships with others.
- Excellent written and oral communication skills.
- Effective communication and analytical skills
- Strong work ethic with attention to detail.
Tell employers what skills you have
Information Security
Audit and Compliance
External Audit
Oral Communication Skills
Risk Assessment
Regulatory Compliance
IT Governance
Data Classification
Cryptography
Data Security
Data Governance
Computer Science
Logging
NIST
IT Risk Management
Operating Systems
Cyber Risk Management
Network Security
CISSP
CISM
-
Information Security Governance, Risk
3 weeks ago
Singapore Pacific Prime Insurance Brokers Singapore Pte. Ltd. Full timeSummaryWorking as part of the information security office within the IT department at Pacific Prime CXA, the GRC (Governance, Risk and Compliance) Manager will be responsible for leading the day-to-day IT compliance, data governance and IT risk management functions. Primary responsibility will include defining, creation, management and maintenance of IT and...
-
Information Technology
3 weeks ago
Singapore Singapore Airlines Limited Full timeJob DescriptionYou will be a member of the Group Information Security Team responsible for ensuring corporate applications, systems, networks, and digital assets are adequately protected and mitigated against cyber threats and risks. You will help drive cybersecurity and risk management efforts and user awareness and education within the Singapore Airlines...
-
Information Technology
4 weeks ago
Singapore SINGAPORE AIRLINES LIMITED Full timeRoles & ResponsibilitiesJob DescriptionYou will be a member of the Group Information Security Team responsible for ensuring corporate applications, systems, networks, and digital assets are adequately protected and mitigated against cyber threats and risks. You will help drive cybersecurity and risk management efforts and user awareness and education within...
-
Information Security Manager
3 weeks ago
Singapore Singapore Aerospace Manufacturing Pte Ltd Full timeSAM is looking to fill the position of Information Security Manager. This is a regional role and is overall in-charge of all the entities under SAM. He/She will report to the CEO.ResponsibilitesTo develop and implement a long-term Information Security & Cyber Security strategies and roadmap to protect corporate information and IT assets.Set up Cyber Security...
-
Information Security Risk Specialist
4 weeks ago
Singapore LICO RESOURCES PTE. LTD. Full timeRoles & ResponsibilitiesLico Resources, the specialist executive search firm, is partnering with a leading financial institution in searching for an Information Technology Risk Management Professional. The institution is a key player in the finance sector and is dedicated to fostering a secure and technologically advanced environment for its clients. they...
-
Information Security Manager
4 weeks ago
Singapore SINGAPORE AEROSPACE MANUFACTURING PTE LTD Full timeRoles & ResponsibilitiesSAM is looking to fill the position of Information Security Manager. This is a regional role and is overall in-charge of all the entities under SAM. He/She will report to the CEO.Responsibilites To develop and implement a long-term Information Security & Cyber Security strategies and roadmap to protect corporate information and IT...
-
Information Security Risk Specialist
3 weeks ago
Singapore Lico Resources Pte. Ltd. Full timeLico Resources, the specialist executive search firm, is partnering with a leading financial institution in searching for an Information Technology Risk Management Professional. The institution is a key player in the finance sector and is dedicated to fostering a secure and technologically advanced environment for its clients. they are seeking a dynamic...
-
Cyber Security Manager
1 week ago
Singapore JONDAVIDSON PTE. LTD. Full timeRoles & Responsibilities Degree in engineering, science or information technology, or equivalent education. Minimum 10 years of related work experience in cybersecurity management and security governance. Candidates with additional experience will be considered for the Senior Manager position. Good working knowledge of security risk management, security...
-
Singapore MERRILL LYNCH GLOBAL SERVICES PTE. LTD. Full timeRoles & ResponsibilitiesAt Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.One of the keys to driving Responsible Growth is being a great place to...
-
Singapore Merrill Lynch Global Services Pte. Ltd. Full timeAt Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.One of the keys to driving Responsible Growth is being a great place to work for our teammates...
-
Information Technology Security
3 weeks ago
Singapore Kgi Securities (singapore) Pte. Ltd. Full timeAbout The CompanyKGI Securities is a leading multi asset brokerage firm with presence across several countries in Asia and a pioneer member of the Securities & Derivatives, Trading and Clearing Member of Singapore Exchange, ICE Futures Singapore and ICE Clear Singapore.We hold a Capital Markets Services License, is regulated by the Monetary Authority of...
-
Singapore SOCIETE GENERALE Full timeRoles & ResponsibilitiesDepartment DescriptionReporting within the Global Business Service Unit (GBSU) to the IT Risk And Production Management (RPM) department, the Data & Cybersecurity (DCS) team is responsible for securing and steering Information Security and Cybersecurity related risks falling under Global Banking & Investor Solutions' (GBIS)...
-
Regional Information Security Officer
2 weeks ago
Singapore Lockton Companies (singapore) Private Limited Full timeJob DescriptionDefining and implementing a Cybersecurity Strategic Plan at Lockton entities in-scope, aligned with the Global Cybersecurity Strategic Plan, business objectives, local and regional regulatory and compliance requirementsDetermining methods to implement, enforce and advise the Lockton entities in-scope on cybersecurity related issues. This...
-
Security Concierge
2 weeks ago
Singapore Security & Risk Solutions Pte. Ltd. Full timeJob Description:The Security Concierge plays a vital role in maintaining a secure and welcoming environment for all individuals entering the premises. This position combines clerical and administrative responsibilities with security-related tasks to ensure efficient operations and adherence to safety protocols. The ideal candidate will possess strong...
-
AVP/VP - Information Security Risk Specialist
4 weeks ago
Singapore LICO RESOURCES PTE. LTD. Full timeRoles & ResponsibilitiesLico Resources, the specialist executive search firm, is partnering a leading financial institution in searching for an Information Technology Risk Management Professional. The institution is a key player in the finance sector, and is dedicated to fostering a secure and technologically advanced environment for its clients. they are...
-
Regional Information Security Officer
2 weeks ago
Singapore LOCKTON COMPANIES (SINGAPORE) PRIVATE LIMITED Full timeRoles & ResponsibilitiesJob Description Defining and implementing a Cybersecurity Strategic Plan at Lockton entities in-scope, aligned with the Global Cybersecurity Strategic Plan, business objectives, local and regional regulatory and compliance requirements Determining methods to implement, enforce and advise the Lockton entities in-scope on...
-
Chief Information Security Officer
4 weeks ago
Singapore Credit Agricole Corporate And Investment Bank Full timeChief Information Security Officer for ISS SingaporeReporting functionally to the Global CISO - Head of ISS in CACIB Paris, and hierarchically to the Head of ISAP, he/she is:- CISO of Singapore Branch- Head of APAC/ME ISS filière, that coordinates Information Security on the APAC/ME region.He/She is in charge of assessing the Information System Security...
-
Security Officer
4 days ago
Singapore SECURITY & RISK SOLUTIONS PTE. LTD. Full timeRoles & ResponsibilitiesWork Location and Timing: Located at Changi Alternate 5 and 6 working days per week 12 hour rotating shiftJob Description: Manage access control at designated points and oversee vehicle access, including screening individuals/bags Perform security screening using X-ray machines Respond to any security incidents which includes...
-
Cyber Security Manager
7 days ago
Singapore Jondavidson Pte. Ltd. Full timeDegree in engineering, science or information technology, or equivalent education.Minimum 10 years of related work experience in cybersecurity management and security governance. Candidates with additional experience will be considered for the Senior Manager position.Good working knowledge of security risk management, security governance framework and...
-
information security officer
3 weeks ago
Singapore RANDSTAD PTE. LIMITED Full timeRoles & ResponsibilitiesAbout the roleThis position is part of the Technology Risk Management team (IT Second Line of Defence), responsible for security governance, policies, technology risk monitoring, risk reporting, risk assessment and related technology risk functions. He/she will need to work closely with IT, e.g. collecting of key risk indicators,...