Are you an expert in IT Governance, Risk and Controls looking for an opportunity to enhance an enterprise system infrastructure security?
You might just be who we’re looking for!
- Degree in Computer Science, Computer Engineering or Information System;
- At least 5 years of experience in Information Technology (IT) Governance, Risk, Compliance or Information / Cyber Security;
- Exposure to Information Technology Risk Management assessment, processes, framework, policies and standards;
- Experienced in technology audit for applications, infrastructure, database, network or mainframe;
- Good knowledge of industry best practices and frameworks pertaining to IT Controls (IM8, MAS TRM Guideline, COBIT, ISO27001/2);
- Proactive, motivated and independent;
- Excellent communication, presentation, and advisory skills;
- Ability to work independently, manage stress and multitask in a fast paced environment.
- IT security certifications, such as CISSP, CRISC, CISM, CISA, CEH;
- Experience in IT Risk Management or Secure Software Development Architecture.
- To plan, implement and review the IT Governance, Risk, Compliance program, ensuring compliance within the organisation;
- Assist in the review of Project Risk Assessment (PRA) prepared by IT prior to start of project till system commission;
- Review system design, network design and application design from IT security perspective and provide recommendations/mitigation measures;
- Manage the IT Risk Register and reporting on compliance review activity, tracking all actions and risks arising from the review;
- Assist in auditing and status submission, escalating overdue responses accordingly;
- Assist in other necessary reporting related to compliance issues in IT;
- To be updated with technology related legislation and regulation that affect the Technology Risk management;
- To keep abreast of Information/Cyber Security development and trends and work with industry to evaluate potential security offerings, including product evaluations, proof of concept and pilots.