Current jobs related to Information Security Governance, Risk and - Singapore - FCM
-
Information Security Governance Lead
4 days ago
Singapore beBee Careers Full timeJob Description:We are seeking an Information Security Governance Lead to join our team. The successful candidate will have strong leadership skills and be able to drive key projects/initiatives related to information security governance.About the Role:The Information Security Governance Lead will be responsible for the 2nd line governance and oversight of...
-
Information Security Governance Manager
7 days ago
Singapore beBee Careers Full time**Job Description:**We are looking for a highly skilled professional to fill the position of Information Security Governance Manager. The ideal candidate will have a strong background in information security and governance, with a proven track record of managing internal controls within an IT control environment.The successful candidate will be responsible...
-
Information Security Governance, Specialist
7 hours ago
Singapore AIA Full timeAt AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. - As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live...
-
IT Security Specialist
1 week ago
Singapore Housing and Development Board Full time**About Us!** The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising...
-
Information Security
6 days ago
Singapore AIA Full timeAt AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. - As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live...
-
Information Security Officer
2 days ago
Singapore Peoplebank Full time**Information Security Officer** - 6 months contract, possibility for extension/conversion. - Office location: Central **The Client** - Investment management company **The Opportunity** - Drive governance of information security programs in Fund Management Company (FMC), Wealth Management Company (WMC). - Partner closely with the ISO or InfoSec Team in...
-
Information Security Governance Expert
2 weeks ago
Singapore beBee Careers Full timeJob Title: Technology Consulting DirectorJob DescriptionAs a Technology Consulting Director, you will lead teams of auditors to conduct comprehensive audits of Information Security and Information Technology departments.ResponsibilitiesDevelop and execute strategic plans for client engagement sales and new business development.Oversee the development and...
-
Singapore beBee Careers Full time**Job Overview:**The Group Information Security & Digital Risk Management team undertakes a wide range of responsibilities, including risk governance and oversight, risk reporting to senior management and Board, policy formulation, risk assessments, vulnerability management, incident response, security awareness training, and compliance-driven...
-
IT Security Governance
1 week ago
Singapore Housing and Development Board Full time**About Us!** The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising...
-
Singapore ANZ Full timeSee job description for details **About Us** **About the Role** As a Technology & Information Security Governance Lead (Line 1 Risk) for Singapore and International Cloud in our Digital Banking Operations Technology team, you will drive technology operational risk excellence using the ANZ Risk Management Framework. You will be supporting Country...
Information Security Governance, Risk and
2 weeks ago
**Job no**: 511715
**Brand**: FCM
**Work type**: Full time
**Location**: Singapore
**Categories**: Information & Technology
**The GRC Security Analyst Singapore** will plan and implement policies, procedures, standards, and controls to govern the protection of the company’s information systems, networks, and data. The GRC security analyst will stay up to date on the latest cybersecurity intelligence to modify standards and controls that govern cybersecurity across the corporation and to oversees effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and development of policies, standards, and guidelines
The GRC Security Analyst will be responsible for updating and managing the security policy framework and relevant standards; overseeing applicable security, privacy, contractual and compliance requirements (i.e., ISO27001, Payment Act, PDPA, PCI-DSS, AML/KYC, MAS TRM and local privacy laws) through strategy development, controls definition and assessment and process oversight.
The purpose of this position is to provide highly skilled technical and information security expertise for development and implementation of the information security risk management program as well as handling Compliance and security requests coming from Business and customers (E.g. RFP, incidents, communication)
The GRC Security Analyst updates and maintains control matrices and spreadsheets and provides recommendations for management’s consideration. The incumbent works with internal, regional, Global teams, external providers to provide supportive documentation as applicable.
**Key Responsibilities**
- Establish policies, processes, and procedures in line with local and international regulations
- Implements security controls, risk assessment framework, and program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns and advances Company business objectives.
- Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, testing. Develops reporting metrics, dashboards, and evidence artifacts to bring visibility and transparency.
- Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Privacy data, and Payment Card Industry Data Security Standards (PCI DSS).
- Verify the security compliance posture against the regulations and standards and derive a security implementation plan for remediation
- Liaise with all departments to identify, track, and provide remediation guidance for new projects, services and/or third-party contracts in terms of information security assurance
- Oversee third party assessment standards and privileged user monitoring as a check on critical system access
- Establish and oversee formal vulnerability management, penetration testing and security posture assessment programs
- Oversees and improves execution of Disaster Recovery Plan and BCP, Backup /restore policy (metrics, dashboard) in collaboration with ISS & IT Ops teams.
- Trains, guides, and acts as a resource on security assessment functions to other departments within the Company
**Key Competencies and Skills**
- Minimum 5 years working experience in IT/IS/Audit/Business/Technology
- 5 years in a security governance, risk, and compliance management experience
- Experience in large scale audit or governance projects
- Strong knowledge of current and emerging cyber security risks, and innovative risk management methods and solutions
- Ability to collaboratively develop a risk strategy in conjunction with stakeholders
- Strong analytical thinking, written, and oral communication and presentation skills
- Broad understanding of security and privacy concepts
- Ability to adapt and embrace change in a fast-paced, changing environment
- Ability to effectively communicate and relate to all levels of the organization
- Able to understand contracts and technical documentation and able to assess it for consistency and alignment with processes and controls outlined in requirements and audit materials
- Excellent communication skills at all levels and ability to adapt style to suit audience
- Industry recognized certification in security (e.g., CISSP, CISA, CISM, CEH, etc.) is preferred
