Are you an expert in Cyber Security, Risk and Compliance looking for an opportunity to enhance your expertise? Well, your search ends here!!!
Our client is in the Financial Services Sector hiring for a Senior Manager to join their team.
- Degree in Computer Science, Computer Engineering, Information System or equivalent;
- At least 8 years of experience in Information Technology (IT) Governance, Risk, Compliance or Information / Cyber Security in Financial Services Sector;
- Exposure to Information Technology Risk Management assessment, processes, framework, policies and standards;
- Experienced in technology audit for applications, infrastructure, database, network or mainframe;
- Hands on knowledge in vulnerability scanning, penetration testing, Server hardening, malware analysis, digital forensics, incident response;
- Good knowledge of industry best practices and frameworks pertaining to IT Controls (PCI DSS, MAS TRM Guidelines, COBIT, ISO27001);
- Proactive, motivated with good problem solving skills;
- Excellent communication, presentation, and advisory skills;
- Ability to work within a team and independently, manage stress and multitask in a fast paced environment.
- IT security certifications such as CISSP, CRISC, CISA, SANS.
- To plan, implement and review the IT Governance, Risk, Compliance program, ensuring compliance within the organisation;
- Drive the regulatory and industry guidelines into the existing policies and standards;
- Review the new services and initiatives from IT security and risk perspective and provide recommendations/mitigation measures;
- Manage the IT Risk Register and reporting on compliance review activity, tracking all actions and risks arising from the review;
- Drive the threat and vulnerability management program to include data loss prevention, penetration testing, vulnerability scanning and threat assessment;
- Drive the organisation wide risk awareness training programs and security initiatives in cyber defence strategy;
- To be updated with technology related legislation and regulation that affect the Technology Risk management;
- To keep abreast of Information/Cyber Security development and trends and work with industry to evaluate potential security offerings, including product evaluations, proof of concept and pilots.