16 September 2020

Seeking IT Security professionals with a keen interest in Governance, Risk and Compliance processes to contribute to the Security Engineering & Architect team in the implementation of Cybersecurity projects.

Mandatory Skill(s)

  • Degree in Computer Science, Information Security or Information Systems;
  • At least 5 years of experience in IT security space with a strong experience in IT GRC (Governance, Risk and Compliance) related functions;
  • Deep knowledge and understanding of internal controls, security frameworks, risk management and IT governance, auditing techniques and methodologies;
  • Good knowledge of enterprise IT systems and components (applications, operating systems, databases, networks, cloud, DevOps);
  • Familiar with industry standards related to IT Controls – ISO 27001, NIST, OWASP, Cloud Security;
  • Experience in working with vendors to evaluate security technologies and working on proof-of-concepts (POC);
  • Keen interest and knowledge on cyber security technologies (SIEM, NIDPS, CASB, VMS, Cyber-analytics);
  • Strong in analytical thinking with attention to detail;
  • Excellent communication and inter personal skills.

Desirable Skill(s)

  • CISSP, CISM, CRISC, CGEIT and/or CISA certified.

Responsibilities

  • Act as a Subject Matter Expert on IT Governance, Risk management and Compliance (GRC) and related policies and procedures;
  • Contribute to the formulation and implementation of company wide IT governance standards and procedures in compliance with regulatory requirements;
  • Collaborate with application development and external vendor teams to implement IT risk assessment checklists and operational IT Risk Controls;
  • Continuously identify GRC Key risk indicators (KRI) and maintain IT Risk Register;
  • Collaborate with stakeholders for risk management, mitigation and remediation measures;
  • Liaise with internal and external parties for IT GRC related audits and facilitate timely remediation of issues;
  • Keep abreast of the dynamic cyber threat landscape and identify opportunities for enhancement of IT risk processes;
  • Work with key stakeholders in building a strong company wide risk-aware culture.
Apply to this Job