Security, Governance and Compliance Manager
Salary Attractive Package
Consultant Brett Lockett (R1440023)
Date posted 07 June 2019
An exciting Security, Governance and Compliance Manager role has become available at a leading company in Singapore. In this job, you will report to the Head of Technology and work closely with all teams across the organisation. Strong end-to-end knowledge of security, risk, compliance, governance and policies is required for the position.
About the Security, Governance and Compliance Manager Role:
The role will primarily be responsible for the Global IT Security framework, ensuring the availability, integrity and confidentiality of IT systems and other digital assets. You will also be responsible for IT risk and compliance related processes in support of global policies and standards. In addition, this role will be responsible for establishing and sustaining the IT governance model, ensuring that the IT organisation is focused on delivering value and managing performance for the key stakeholders. You will ensure that the IT organisation is governed to deliver the highest realised investment benefits and to manage performance, risk and compliance.
- Provides strategic leadership and guidelines on information assurance security expertise for the organisation, working effectively with strategic organisational functions such as legal experts and technical support to provide authoritative advice and guidance on the requirements for security controls
- Obtains and acts on vulnerability information and conducts security risk assessments for business applications and computer installations; provides authoritative advice and guidance on security strategies to manage the identified risk
- Investigates major breaches of security and recommends appropriate control improvements. Interprets security policy and contributes to development of standards and guidelines that comply with this.
- Performs risk assessment, business impact analysis and accreditation for all major information systems within the organisation. Ensures proportionate response to vulnerability information, including appropriate use of forensics
- Develops corporate information security policy, standards and guidelines. Prepares and maintains organisational strategies that address the evolving business risk and information control requirements
- Operates as a focus for information assurance governance expertise for the organisation, working effectively with strategic organisational functions such as legal experts and technical support to provide authoritative advice and guidance on the requirements for security controls
- Ensures architectural principles are applied during design to reduce risk, and advances assurance standards through ensuring rigorous security testing
- Provides authoritative advice and guidance on Information assurance architecture and strategies to manage identified risk
- Carries out risk assessment within a defined functional or technical area of business
- Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business
- Develops strategies for ensuring both the physical and electronic security of automated systems. Ensures that the policy and standards for security are fit for purpose, current and are correctly implemented. Reviews new business proposals and provides specialist advice on security issues and implications
- Ensures that all identified breaches in security are promptly and thoroughly investigated. Ensures that any system changes required to maintain security are implemented. Ensures that security records are accurate and complete
- Investigates and documents the internal control of specified aspects of automated or partly automated processes and assesses compliance with the SOX standard
- Controls, updates and distributes new and revised quality standards, including technical changes.
- Conduct IT due diligence or audit activities as required
- Develop and maintain the GRC roadmap for supporting the automation of risk and compliance processes (Risk Identification, Issue Management, Incident Management, Supplier Management, Threat and Vulnerability Management, etc.)
- Drafts and maintains the policy, standards and procedures for compliance with relevant legislation
- Understands the implications of information, both internal and external, that can be mined from business systems and elsewhere
- Qualified with a relevant technical tertiary qualification and/or relevant professional experience.
- Understanding of information security standards and best practices including ISO 17799/27001, COBIT, etc.
- CGEIT, CISSP, CISA, CISM, CRISC or other security/control/governance certifications a plus.
- Good understanding of information classification policy, digital rights management and data loss protection technology deployment.
This organisation needs no introduction and is recognised as a key leader within the technology field. The culture is demanding but if you are confident and have a can-do attitude the potential rewards are significant. The business is also very focused on developing and training their people to the highest standards.
If you are driven, determined and want to take the next step in your career, this is the role for you. Great career progression opportunities await the right person in this exciting Security, Governance and Compliance Manager job in Singapore.
Apply today or call me to discuss this new opportunity.
Robert Walters (Singapore) Pte Ltd
ROC No.: 199706961E | EA Licence No.: 03C5451
EA Registration No.: R1440023 Brett Lockett