Information Security Auditor

6 days ago

Singapore ISOCERT PTE. LTD. Full time $80,000 - $120,000 per year
Job Nature

The Information Security Auditor will be responsible for assessing, monitoring, and ensuring the organization's compliance with international security standards (ISO 27001), cybersecurity frameworks, and data protection regulations. The role involves planning and conducting internal/external audits, identifying risks and vulnerabilities, and recommending corrective actions. The auditor will work closely with IT, compliance, and business teams to strengthen the organization's security posture and support certification/recertification processes.

Key Responsibilities
  • Audit & Compliance

    Plan, conduct, and report on internal information security audits aligned with ISO 27001 and other frameworks.

Support external audits and certification processes by liaising with auditors and regulatory bodies.

Ensure compliance with data protection laws (e.g., GDPR, PDPA where applicable).
- Risk & Controls Assessment

Evaluate existing security controls, policies, and procedures for effectiveness.

Identify risks, vulnerabilities, and gaps in cybersecurity and data protection practices.

Recommend improvements and track corrective/preventive actions (CAPA).
- Documentation & Reporting

Develop and maintain audit checklists, reports, and compliance documentation.

Provide management with clear audit findings and risk assessments.

Maintain evidence logs for ISO 27001 controls and compliance purposes.
- Stakeholder Engagement

Collaborate with IT, HR, Legal, and Business units to ensure alignment with security policies.

Conduct awareness sessions to promote compliance culture.

Advise leadership on security risks, trends, and mitigation strategies.
- Continuous Improvement

Monitor changes in international standards and regulatory requirements.

Drive continuous improvement of Information Security Management Systems (ISMS).

Benchmark practices against industry best standards (e.g., NIST, CIS Controls).

Qualifications & Skills

Education & Certifications

  • Diploma or Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or related field.
  • ISO/IEC 27001 Lead Auditor / Lead Implementer certification (preferred).
  • Additional certifications are an advantage: CISA, CISM, CISSP, GDPR Practitioner, CEH.

Experience

  • 3–7 years of experience in information security, IT audit, or compliance. Personnel with no expereince are welcome to apply.
  • Proven track record in conducting ISO 27001 audits (internal or external will be an advantage).
  • Experience with data protection regulations (PDPA, GDPR etc.)
  • Hands-on knowledge of cybersecurity practices, risk assessment, and incident response.

Skills

  • Strong understanding of ISMS principles, risk management, and compliance frameworks.
  • Ability to analyze technical controls (network, cloud, applications) from a compliance perspective.
  • Excellent report writing and presentation skills.
  • Strong communication, stakeholder management, and problem-solving skills.
  • Ability to work independently and manage multiple audits/projects simultaneously.

  • Information Security Manager

    3 days ago

    North-East Singapore Flintex Consulting Pte Ltd Full time

    **Information Security Manager**: - Minimum yearss' experience in IT Governance and Cyber Security as HOD (mandatory) - Vendor industry experience (mandatory) - Hands on and ability to implement security technical solutions (mandatory) - Manage communication with MAS auditor, incident reporting, engagement - Leading tasks and multiple teams of information...

  • Information Security Risk Manager

    1 day ago

    Singapore The Edge Asia Full time

    The role is a permanent position based in Singapore. EA Licence Number: 16S8131 Recruiter Licence Number: R22104669 **Some of the key responsibilities will include**: - Develop and maintain organization framework, rulesets, policies and procedures on information security and data protection. - Maintain inventory of Availability, Integrity, and...

  • Information Security

    1 day ago

    Singapore AIA Full time

    At AIA we’ve started an exciting movement to create a healthier, more sustainable future for everyone. - As pioneering innovators for over 100 years, we’re now transforming our organisation to be faster, simpler and more connected. Because we want to be even better equipped to develop digital solutions and experiences that help more people live...

  • IT Auditor

    7 days ago

    Singapore K2 PARTNERING SOLUTIONS PTE. LTD. Full time

    Position Summary The IT Project Auditor is responsible for evaluating the planning, execution, and delivery ofIT projects to ensure compliance with organizational policies, standards, and regulatoryrequirements. This role involves assessing project governance, risk management, resourceutilization, system security, and overall project performance to provide...

  • Information systems security developer

    2 days ago

    Singapore FEDERAL SECURITY SERVICES Full time $60,000 - $100,000 per year

    Design artefacts, spanning design, development, and implementation, into enterprise systems that describe security principles and how they relate to the overall enterprise system architecture. • Perform routine activities related to the periodic review and audit activities of infrastructure security systems and maintains documentation of security standards...

  • Director -information Security Officer

    3 days ago

    Singapore KS Talent Solutions Full time

    Posted by - Komal Mehta- Singapore As a Business Information Security Officer, you will play a key role in proactively managing the information security and Data privacy landscape within the organization. Your expertise will help guide strategic decision-making on technology risk and security matters, ensuring robust IT security architecture, practices, and...

  • IT Auditor

    5 days ago

    Singapore XCELLINK PTE. LTD. Full time

    The IT Project Auditor is responsible for evaluating the planning, execution, and delivery of IT projects to ensure compliance with organizational policies, standards, and regulatory requirements. This role involves assessing project governance, risk management, resource utilization, system security, and overall project performance to provide assurance and...

  • IT Auditor

    5 days ago

    Singapore K2 PARTNERING SOLUTIONS PTE. LTD. Full time

    Position Summary The IT Project Auditor is responsible for evaluating the planning, execution, and delivery of IT projects to ensure compliance with organizational policies, standards, and regulatory requirements. This role involves assessing project governance, risk management, resource utilization, system security, and overall project performance to...

  • information security manager

    2 weeks ago

    Singapore HORIZON COMPUTER MANAGEMENT PTE. LTD. Full time $120,000 - $180,000 per year

    Key ResponsibilitiesDevelop, implement, and manage the organization's information security strategy, policies, and procedures .Lead the design and enforcement of security controls to protect systems, networks, and data from cyber threats.Manage a team of security professionals, providing technical guidance, mentoring, and performance management .Oversee risk...

  • IT Auditor

    1 week ago

    Singapore Assurity Trusted Solutions Pte Ltd Full time

    Assurity Trusted Solutions (ATS) is proud to be a significant facilitator in the digital landscape, enhancing Singapore’s position as a trusted ICT hub for the government and businesses alike. As a fully owned subsidiary of the Government Technology Agency (GovTech), we aim to improve Trust and High Assurance of digital services through secure identity...