Share this Job

Senior Risk & Compliance Analyst

Date: 21-Nov-2020

Location: Singapore, Singapore

Company: Singtel

We have a great opportunity for a talented and self-motivated Senior Risk & Compliance Analyst to join our team in NCS. At NCS, we seek to nurture talents in creating and developing innovative solutions. If you are passionate about new technologies and new ideas, NCS could be a place for you!

 

This role will develop and drive effective cyber security compliance programs involving activities such as to review and develop security policies, processes/procedures and guidelines, establish compliance with policies, standards, conduct security risk assessment, assist in security advisory, audits and reviews.

 

Responsibilities:

 

  • Review and development of information security policies, standards, processes, procedures and guidelines in accordance with cybersecurity best practices
  • Administer compliance with these policies and procedures through ongoing security reviews, audits and assessments.
  • Conduct security risk assessment, business impact analysis and develop security risk treatment plan.
  • Collaborate with stakeholders for risk management, mitigation and remediation measure.
  • Develop in the security awareness training program to foster a secure culture,  improve security awareness and compliance.
  • Partner with internal and external audit teams, to manage and effect audits from a compliance & point-in-time perspective, to a risk-driven, continuous proactive compliance approach.
  • Point of contact to assist and advise Line-of-Business for ICT security related matters.

 

The ideal candidate should possess:

 

  • Degree/Diploma or higher in Computer Science, Information Systems or equivalent
  • At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
  • At least 6 years of experience in IT Risk Management, Governance or Compliance.
  • Understanding of control and risk management concepts including control testing, risk assessments, risk  treatment and third party risk.
  • Knowledge of risk management policies, methods, standards, processes, governance models, and both quantitative and qualitative risk analysis approaches.
  • Knowledge of common information security management frameworks, such as ISO 27001-5, COBIT and NIST, including 800-53 and Cyber security Framework.
  • Customer-focused with good interpersonal skills
  • Team player and able to work independently
     

If you would like to be part of the winning team that does great work, apply today!

 

#NCSlife