Information Security Auditor

2 days ago

Singapur, Singapore ISOCERT PTE. LTD. Full time

Job Nature

The Information Security Auditor will be responsible for assessing, monitoring, and ensuring the organization’s compliance with international security standards (ISO 27001), cybersecurity frameworks, and data protection regulations. The role involves planning and conducting internal/external audits, identifying risks and vulnerabilities, and recommending corrective actions. The auditor will work closely with IT, compliance, and business teams to strengthen the organization’s security posture and support certification/recertification processes.

Key Responsibilities
  • Audit & Compliance - Plan, conduct, and report on internal information security audits aligned with ISO 27001 and other frameworks. Support external audits and certification processes by liaising with auditors and regulatory bodies. Ensure compliance with data protection laws (e.g., GDPR, PDPA where applicable).
  • Risk & Controls Assessment - Evaluate existing security controls, policies, and procedures for effectiveness. Identify risks, vulnerabilities, and gaps in cybersecurity and data protection practices. Recommend improvements and track corrective/preventive actions (CAPA).
  • Documentation & Reporting - Develop and maintain audit checklists, reports, and compliance documentation. Provide management with clear audit findings and risk assessments. Maintain evidence logs for ISO 27001 controls and compliance purposes.
  • Stakeholder Engagement - Collaborate with IT, HR, Legal, and Business units to ensure alignment with security policies. Conduct awareness sessions to promote compliance culture. Advise leadership on security risks, trends, and mitigation strategies.
  • Continuous Improvement - Monitor changes in international standards and regulatory requirements. Drive continuous improvement of Information Security Management Systems (ISMS). Benchmark practices against industry best standards (e.g., NIST, CIS Controls).
Qualifications & Skills

Education & Certifications

  • Diploma or Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
  • ISO/IEC 27001 Lead Auditor / Lead Implementer certification (preferred).
  • Additional certifications are an advantage: CISA, CISM, CISSP, GDPR Practitioner, CEH.

Experience

  • 3–7 years of experience in information security, IT audit, or compliance. Personnel with no expereince are welcome to apply.
  • Proven track record in conducting ISO 27001 audits (internal or external will be an advantage).
  • Experience with data protection regulations (PDPA, GDPR etc.)
  • Hands-on knowledge of cybersecurity practices, risk assessment, and incident response.

Skills

  • Strong understanding of ISMS principles, risk management, and compliance frameworks.
  • Ability to analyze technical controls (network, cloud, applications) from a compliance perspective.
  • Excellent report writing and presentation skills.
  • Strong communication, stakeholder management, and problem-solving skills.
  • Ability to work independently and manage multiple audits/projects simultaneously.
#J-18808-Ljbffr

  • Regional IT Security Auditor

    4 days ago

    Singapur, Singapore Samsung Southeast Asia & Oceania Full time

    Overview Join to apply for the Regional IT Security Auditor role at Samsung Southeast Asia & Oceania . Position Summary The Regional IT Security safeguards the IT infrastructure of Samsung Electronics' subsidiaries across the Southeast Asia and Oceania (SEAO) region. This position is responsible for conducting security audits and managing security...

  • Assistant Director – Information Security and Cybersecurity

    4 days ago

    Singapur, Singapore Charterhouse Partnership | Asia Full time

    Roles & Responsibilities The Role We are seeking an experienced cybersecurity leader to oversee the organisation’s information security strategy and operations. This role covers governance, risk and compliance, infrastructure and network protection, incident management, and customer security assurance. The successful candidate will lead a specialised team,...

  • Assistant Director – Information Security and Cybersecurity

    2 hours ago

    Singapur, Singapore CHARTERHOUSE PTE. LTD. Full time

    The Role We are seeking an experienced cybersecurity leader to oversee the organisation’s information security strategy and operations. This role covers governance, risk and compliance, infrastructure and network protection, incident management, and customer security assurance. The successful candidate will lead a specialised team, partner with...

  • Information Security Engineer

    4 days ago

    Singapur, Singapore HAIER SINGAPORE INVESTMENT HOLDING PTE. LTD. Full time

    KEY RESPONSIBILITIES Carry out the end-to-end security management for enterprise of application security, host security, data security, network security, including but not limited to security policy management and system maintenance. Responsible for the Governance, Risk and Compliance technical implementation of personal information protection...

  • Information Security Manager

    4 days ago

    Singapur, Singapore BIPO Full time

    Overview BIPO: Shaping the Future of HR with Innovation and Global Reach At BIPO, we are a global leader in HR services, offering innovative solutions that empower businesses to streamline and scale their operations effortlessly. Our award-winning cloud-based Human Resource Management System (HRMS) revolutionizes HR processes, making them simpler, more...

  • Project Manager

    4 days ago

    Singapur, Singapore Shopee Full time

    Overview Join to apply for the Project Manager - Information Security role at Shopee . Responsibilities Drive the planning, execution, and monitoring of information security projects. Track project progress, identify risks, and develop mitigation strategies. Coordinate with project stakeholders, including security engineers, developers and SREs. Collaborate...

  • Technology Auditor

    4 days ago

    Singapur, Singapore GX Bank Berhad Full time

    Technology Auditor / Senior page is loadedTechnology Auditor / Senior Apply locations Singapore, Singapore time type Full time posted on Posted 14 Days Ago job requisition id R- Get to know our Team: Internal Audit is an independent function (3rd line of Defence) within GXS Bank that provides an objective assurance and advisory role to senior management. We...

  • Strategic Information

    4 days ago

    Singapur, Singapore Internal Security Department Full time

    Strategic Information & Communications Technology (ICT) Systems Engineer Join to apply for the Strategic Information & Communications Technology (ICT) Systems Engineer role at Internal Security Department Role Overview The ISD confronts and addresses threats to Singapore’s internal security and stability. With over 70 years of history, ISD plays a...

  • Senior IT Security Analyst

    4 days ago

    Singapur, Singapore Nanyang Technological University Singapore Full time

    Senior IT Security Analyst (Information Security Department) (NIE) About The National Institute Of Education (nie)The National Institute of Education (NIE), Singapore , is Singapore’s national teacher education institute and we are proud to be an integral part of the nation’s education service. We play a key role in the preparation of teachers and in the...

  • Cybersecurity Professional

    4 days ago

    Singapur, Singapore Internal Security Department Full time

    Join to apply for the Cybersecurity Professional role at Internal Security Department What The Role Is ISD confronts and addresses threats to Singapore’s internal security and stability. For over 75 years, ISD and its predecessor organisations have played a central role in countering threats such as those posed by foreign subversive elements, spies,...