Information Security Auditor
3 weeks ago
Job Nature
The Information Security Auditor will be responsible for assessing, monitoring, and ensuring the organization’s compliance with international security standards (ISO 27001), cybersecurity frameworks, and data protection regulations. The role involves planning and conducting internal/external audits, identifying risks and vulnerabilities, and recommending corrective actions. The auditor will work closely with IT, compliance, and business teams to strengthen the organization’s security posture and support certification/recertification processes.
Key Responsibilities- Audit & Compliance - Plan, conduct, and report on internal information security audits aligned with ISO 27001 and other frameworks. Support external audits and certification processes by liaising with auditors and regulatory bodies. Ensure compliance with data protection laws (e.g., GDPR, PDPA where applicable).
- Risk & Controls Assessment - Evaluate existing security controls, policies, and procedures for effectiveness. Identify risks, vulnerabilities, and gaps in cybersecurity and data protection practices. Recommend improvements and track corrective/preventive actions (CAPA).
- Documentation & Reporting - Develop and maintain audit checklists, reports, and compliance documentation. Provide management with clear audit findings and risk assessments. Maintain evidence logs for ISO 27001 controls and compliance purposes.
- Stakeholder Engagement - Collaborate with IT, HR, Legal, and Business units to ensure alignment with security policies. Conduct awareness sessions to promote compliance culture. Advise leadership on security risks, trends, and mitigation strategies.
- Continuous Improvement - Monitor changes in international standards and regulatory requirements. Drive continuous improvement of Information Security Management Systems (ISMS). Benchmark practices against industry best standards (e.g., NIST, CIS Controls).
Education & Certifications
- Diploma or Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
- ISO/IEC 27001 Lead Auditor / Lead Implementer certification (preferred).
- Additional certifications are an advantage: CISA, CISM, CISSP, GDPR Practitioner, CEH.
Experience
- 3–7 years of experience in information security, IT audit, or compliance. Personnel with no expereince are welcome to apply.
- Proven track record in conducting ISO 27001 audits (internal or external will be an advantage).
- Experience with data protection regulations (PDPA, GDPR etc.)
- Hands-on knowledge of cybersecurity practices, risk assessment, and incident response.
Skills
- Strong understanding of ISMS principles, risk management, and compliance frameworks.
- Ability to analyze technical controls (network, cloud, applications) from a compliance perspective.
- Excellent report writing and presentation skills.
- Strong communication, stakeholder management, and problem-solving skills.
- Ability to work independently and manage multiple audits/projects simultaneously.
-
Regional IT Security Auditor
4 weeks ago
Singapur, Singapore Samsung Southeast Asia & Oceania Full timeOverview Join to apply for the Regional IT Security Auditor role at Samsung Southeast Asia & Oceania . Position Summary The Regional IT Security safeguards the IT infrastructure of Samsung Electronics' subsidiaries across the Southeast Asia and Oceania (SEAO) region. This position is responsible for conducting security audits and managing security...
-
Singapur, Singapore CHARTERHOUSE PTE. LTD. Full timeThe Role We are seeking an experienced cybersecurity leader to oversee the organisation’s information security strategy and operations. This role covers governance, risk and compliance, infrastructure and network protection, incident management, and customer security assurance. The successful candidate will lead a specialised team, partner with...
-
Singapur, Singapore Charterhouse Partnership | Asia Full timeRoles & Responsibilities The Role We are seeking an experienced cybersecurity leader to oversee the organisation’s information security strategy and operations. This role covers governance, risk and compliance, infrastructure and network protection, incident management, and customer security assurance. The successful candidate will lead a specialised team,...
-
Information Security Manager
2 weeks ago
Singapur, Singapore AWWA LTD. Full timeOverview Primary Objectives of Position Manage security operation to ensure the safe use of IT systems and assets as well as protect against cybersecurity threats. Manage various stages of projects in conception and initiation, planning, execution, performance/ monitoring, and project closure. Responsibilities Establish, implement and maintain a...
-
Information Security Engineer
4 weeks ago
Singapur, Singapore HAIER SINGAPORE INVESTMENT HOLDING PTE. LTD. Full timeKEY RESPONSIBILITIES Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance. Responsible for the Governance, Risk and Compliance technical implementation of personal information protection...
-
Information Security Engineer
3 weeks ago
Singapur, Singapore Theoptimum Full timeOverview We are seeking an experienced Security Consultant to assess, design and implement robust security solutions across enterprise environments. The role involves conducting risk assessments, developing security architecture, advising on compliance frameworks and guiding internal stakeholders to ensure security requirements are met across all systems and...
-
Information Security Engineer
3 weeks ago
Singapur, Singapore Optimum Solutions Pte Ltd Full timeOverview We are seeking an experienced Security Consultant to assess, design and implement robust security solutions across enterprise environments, The role involves conducting risk assessments, developing security architecture, advising on compliance frameworks and guiding internal stakeholders to ensure security requirements are met across all systems and...
-
Information Security Manager
4 weeks ago
Singapur, Singapore BIPO Full timeOverview BIPO: Shaping the Future of HR with Innovation and Global Reach At BIPO, we are a global leader in HR services, offering innovative solutions that empower businesses to streamline and scale their operations effortlessly. Our award-winning cloud-based Human Resource Management System (HRMS) revolutionizes HR processes, making them simpler, more...
-
Senior Information Security Manager
2 days ago
Singapur, Singapore OTSUKA SINGAPORE PTE. LTD. Full timeJob Description Regional Information Security Management: Establish a management framework for information security across Asia and Arab region. Develop and implement procedures for regional information security management and operation. Plan and execute deployment of Otsuka Group standard technology (e.g., security monitoring tools, vulnerability management...
-
Technology Auditor
4 weeks ago
Singapur, Singapore GX Bank Berhad Full timeTechnology Auditor / Senior page is loadedTechnology Auditor / Senior Apply locations Singapore, Singapore time type Full time posted on Posted 14 Days Ago job requisition id R- Get to know our Team: Internal Audit is an independent function (3rd line of Defence) within GXS Bank that provides an objective assurance and advisory role to senior management. We...
