Share this Job

Cyber Risk and Compliance Specialist

Date: 10-Jan-2023

Location: Singapore, Singapore

Company: Singtel Group

NCS is a leading technology services firm with presence in Asia Pacific and partners with governments and enterprises to advance communities through technology. Combining the experience and expertise of its 10,000-strong team across 61 specialisations, NCS provides differentiated and end-to-end technology services to clients with its NEXT capabilities of digital, cloud, platforms as well as core offerings in application, infrastructure, engineering and cyber security. NCS also believes in building a strong partner eco-system with leading technology players, research institutions and start-ups to support open innovation and co-creation. For more information, visit ncs.co. 

 

We are committed to a safe and healthy environment for our employees & customers and will require all prospective employees to be fully vaccinated.


Job Summary:

The Cyber Risk & Compliance Specialist will join our Singapore team to develop and drive effective cyber risk assessment and IT security compliance programs, involving activities such as reviewing and developing security policies, processes/procedures and guidelines, establishing compliance with policies, conducting security reviews and security assessment. 

 

Responsibilities:

  • Review and development of security framework, information security policies, processes / procedures, and guidelines on an ongoing basis.
  • Establish risk assessment, compliance enforcement activities with these policies / procedures through ongoing security/compliance reviews, not limited to log analysis and security assessment of customer ICT systems.
  • Conduct security risk management exercise, conduct table-top exercises, conduct vulnerability assessment, coordinate penetration tests activities, conduct information security awareness training for Line of Business Representatives.
  • Support internal projects in the matters of security risk assessment and compliance enforcement work.
  • Be the point-of-contact to assist and advise project leads for ICT security related matters. 
     

The ideal candidate should possess:

  • Bachelor's Degree in Information Security, Information Assurance, Computer Science and Computer Engineering.  
  • 4 to 7 years of relevant IT/IT Security experience.
  • Possess one (or more) of the security certifications such as CISSP/CISA/CISM/ISMS Lead Auditor Certification.
  • Experienced in risk assessment, compliance enforcement security and security governance.
  • Good understanding of information security principles, ISO 27001 controls, Center for Internet Security (CIS) controls, Cloud Controls Matrix (CCM) controls and PCI Security Standard are preferred.
  • Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), application security, security technologies (system hardening, IDS/IPS, firewall), security incident response, penetration testing, vulnerabilities scanning, and security assessment.
  • Internal project focused with good interpersonal skills.
  • Team player with leadership qualities.