The successful candidate will support the development and implementation of a comprehensive compliance and governance framework to ensure ongoing adherence to relevant IT legislative and regulatory requirements (e.g., PDPA, MAS TRM, PCI). They will report regularly to IT Management on compliance status and engage with various teams to promote a strong organizational security posture.
Key Responsibilities:
- Compliance & Governance Framework Development: Assist in the creation and implementation of a compliance framework to maintain ongoing adherence to relevant IT legislative and regulatory requirements. Prepare and submit reports to IT Management on the framework's effectiveness and any compliance gaps.
- Policy Compliance Monitoring: Support the development of a governing framework to uphold organizational information security policies, standards, and procedures, and report compliance status to IT Management.
- Risk Management for Emerging Technologies: Contribute to the evaluation and formulation of a risk management framework that addresses new technologies, such as the Internet of Things (IoT).
- Policy Review & Recommendations: Review and recommend updates to information security policies, standards, and procedures, accounting for deviation requests and audit findings.
- Information Security Scorecard Development: Develop and maintain an Information Security scorecard framework that assesses and reflects the organization's compliance level against established policies, standards, and procedures.
- IT Risk Management & Assessment: Assist in developing the organizational IT risk management framework, performing periodic risk assessments.
- Awareness & Phishing Programs: Support the design and execution of information security awareness and phishing simulations to strengthen organizational security culture.
- IT Security Project Support: Collaborate on the evaluation, planning, and implementation of IT Security projects, ensuring alignment with compliance requirements.
Requirements:
- Experience: Minimum of 2 years in Information Security, with a focus on consultancy and IT risk management.
- Certifications: Security certifications such as CISSP, CISM, or CISA are preferred, with solid knowledge of IT legislation (e.g., PDPA, MAS TRM, PCI) and industry best practices.
Interested candidate who wish to apply for the advertised position, please click on Apply Now. We regret that only shortlisted candidates will be notified.
EA License NO.: 01C4394
By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its overseas subsidiaries and affiliates collecting, using and disclosing your personal data to prospective employers/companies based in any country for purposes of evaluating suitability for employment, conducting reference checks, administering employment related services and such other purposes stated in our privacy policy. Our full privacy policy is available at www.persolkelly.com.sg. If you wish to withdraw your consent, please drop us an email to let us know.