Senior/ IT Consultant - IT Governance, Risk and Compliance (GRC), Communications and Information Technology
Job ID:
24355
Location:
Singapore
Discipline:
Information Technology
Job Views:
74
Job Description:
Job Responsibilities
- Work on standards and framework, and to drive the implementation and organizational awareness to support IT Governance, Risk & Compliance (GRC) objectives.
- Support initiatives to assess the adequacy and effectiveness of IT controls and policies, and direct remediation activities to ensure that compliance gaps are successfully addressed.
- Manage and ensure IT policies and procedures up to date across the organization, working with the appropriate stakeholders.
- Jointly monitor, track and review with Cyber Security team and other IT teams on all risk findings and assessments of IT initiatives.
- Develop, maintain, review and report on the IT Risk Register. Schedule and participate in periodic risk self-assessments and track remediation action plans.
- Conduct risk control testing.
- Front auditors, both internal and external, for audits directed at the IT Division or at business divisions where IT involvement is required.
- Consolidate IT incidents and conduct root cause analysis.
- Support business continuity functions. E.g. tabletop exercise, disaster recovery exercise.
- Detailed reporting on security risk issues and treatment plans to SIT management or statutory reporting to MOE.
- Drive continuous improvement based on expert knowledge in domain areas, industry best practices, established market standards and certifications, and business objectives.
Requirements
- Bachelor’s degree in Information Technology or Computer Science or related fields
- Minimum 4 years of experience in IT governance, audits and risk management
- Experience in ISO27001 compliance efforts and certification experience is highly desirable
- Good knowledge and experience with standards and frameworks like NIST, ISO27001, MTCS, and Personal Data Protection Act (PDPA) is essential; familiarity with Government IM and PCI-DSS
- Industry certifications like ITIL, COBIT, PMP, DRM/BCM, CISSP/CISA/CISM are desirable
- Possess excellent written and oral communication skills with the ability to present ideas and results to all levels of staff, including C-Level and Board executives
- Good analytical and problem-solving skills
- Have a positive attitude and excellent team player
Posted:
20/04/2024