Information Security Risk

A great opportunity exists as APAC Information Security Risk & Compliance Consultant, reporting to APAC Information Security Risk & Compliance Lead.

The APAC Information Security Risk & Compliance Consultant collaborates with compliance, security, and general IT risks to ensure that IT supports the business objectives of the group, while enforcing policy, standards, and ensuring project implementations are consistent with local, regional, and global strategy. As part of the APAC Information Security team, will collaborate closely with other team members in providing support to APAC Business Units in the risk identification, assessment, and advice to the various stakeholders.

**Key responsibilities**:
- Support APAC Business Information Security Officers (BISOs) in performing the following assessments using the global standard risk-based approach:
- Cloud security assessments-
- Third party vendor assessments-
- Business / IT Application assessments (incl. pre & post implementation reviews)-
- Regulatory assessments (local regulations, ISO27001, PCI DSS, SOC2 etc.)-
- Remediation action review, analysis, and management-
- Themed security reviews-
- Maintain Information Security, Risk and Compliance frameworks, policies, and standards for the APAC region.- Provide governance over, and support BISOs in the coordination of, regional and local information security gap remediation.- Perform analysis to identify common themes and drive regional remediation activities.- Advise APAC Business Information Security Officers (BISOs) and stakeholders in information security policy compliance requirements.- Provide advice, governance and support in information security policy exception and risk acceptance processes.- Work closely with the Information Security Governance (ISG) team in Global Information Security (GIS) to ensure global requirements are communicated to APAC stakeholders, and APAC requirements are considered in global Information security compliance projects.- Drive or support global information security governance initiatives in the APAC region.- Ensure the wellbeing of team members and proactively work to identify and manage workplace exposures which may precipitate workplace stress, bullying, harassment, and discrimination.

**Experience / Qualification Required**:
- University degree (primarily in computer science or comparable technical education),- Minimum 5 years professional experience in Information Security related fields and/ or IT Risk Management- One or more of the following information security related certifications is desirable: CISA, CRISC, CISSP and/or CISM.- PCI ISA and/or ISO27001 experience / certification is a plus.- Ability to operate using highly developed consulting and influencing skills, and able to communicate security-related concepts to a broad range of technical and non-technical staff.- Strong risk management and information security skills.- Big4 information security consulting and/or IT audit experience is a plus.- Insurance industry understanding would be highly beneficial.

**Knowledge**:
- Good working understanding of IT security, architectures, and compliance controls-
- Effective communication, presentation, and relationship management skills at different levels in a multicultural environment- Excellent co-ordination and time management skills for hands on assessment management- Strong report writing skills.- Eye for detail and inquisitive nature- Strong integrity and highly ethical- Innovative ability to contribute to development of processes.- Ethic of continuous improvement in their role- Effective in influencing and persuasion.- Understanding and experience in PowerBI is preferable.- Proficient in English (written and spoken). Cantonese is a plus.

If you’re interested in being part of our adventure that will build a brighter future together, and feel a sense of togetherness, then we look forward to you starting your adventure with us

**Why Zurich**

At Zurich, we like to think outside the box and challenge the status quo. We take an optimistic approach by focusing on the positives and constantly asking What can go right?

We are an equal opportunity employer who knows that each employee is unique - that’s what makes our team so great

Join us as we constantly explore new ways to protect our customers and the planet.
- Location(s): SG - Singapore
- Remote working:

- Schedule: Full Time
- Recruiter name: Ahona Adhikary
- Closing date: