Governance, Risk and Compliance Specialist

As a Governance, Risk and Compliance Specialist, you will be a subject matter expert advising internal stakeholders on cybersecurity compliance requirements. You will be working closely with application teams and line 2.

Your scope of work includes:

• Writing internal cybersecurity policies and processes
• Ascertain security compliance
• Support IT / cyber security audits
• Tracking and reporting of cyber risks

Key Responsibilities

• Develop the culture of cyber security governance and risk management across the organisation, and ensure proper accountability in the management, tracking and reporting of cyber risks.
• Provide subject matter advice to internal stakeholders on cyber security requirements that the Authority is required to comply with, including client's internal policies and standards, as well as policies and standards from the government and Cyber Security Agency of Singapore.
• Review and establish ICT policies and processes controls, and conduct compliance checks.
• Support the CIO and CISO, and work with internal stakeholders to:

       o Track and monitor cyber security initiatives to meet compliance requirements.

       o Participate in consultation and conduct gap analysis against new requirements.

       o Assess and seek waiver approvals for deviations and dispensations.

       o Coordinate and facilitate IT / cyber security audits.

• Track remediation plans to address audit findings.

What we are looking for

• Working experience in IT Governance, IT Audit, Cyber security or related field.
• Relevant certifications in IT governance, IT audit, cyber or data security (e.g. CISSP, CISM, CISA, CGEIT, etc.) preferred.
• Ability to work with cross-functional, multi-disciplined team to institute and monitor security policies and procedures.
• Knowledge of Instruction Manual 8 and CSA Cybersecurity Code of Practice preferred.