OVERVIEW
The IT Governance Specialist plays a critical role in strengthening the organization’s cybersecurity posture by overseeing and reviewing technical controls that mitigate IT security risks. This position demands an understanding of security frameworks and hands-on expertise in key areas such as baseline hardening of systems, firewall rule review, and Identity and Access Management (IAM) domains.
The specialist ensures that all controls are effectively aligned with internal policies, standards, and procedures, as well as external regulatory requirements including MAS Technology Risk Management (TRM) guidelines, Personal Data Protection Commission (PDPC) regulations, and other applicable financial sector mandates.
KEY RESPONSIBILITIES
Assist the IT Assurance lead with the following:
- Assist the IT Assurance lead and take ownership of the Identity and Access Management (IAM) system, assist with onboarding applications, and support day-to-day BAU operations.
- Conduct annual and semi-annual company-wide user and privileged access reviews and remediation. Propose and implement further controls to mitigate access-related risks and issues.
- Plan, prepare and execute annual baseline configuration and firewall rule review exercises.
- Be the liaison point between business and IT staff to ensure that baseline configuration and firewall rule reviews are coordinated and managed.
- Ensure IT risks are mitigated and security controls are implemented on time, in compliance with business strategies, organization policies and regulatory requirements.
- Consolidate and provide evidence as requested for internal, external, and regulatory audits related to information technology.
- Ensure IT operations and activities comply with the IT security standards set by PACS Group and the regulatory guidelines of the Monetary Authority of Singapore (MAS) and PDPC.
- Suggest and implement continuous improvement and automation of daily BAU activities.
QUALIFICATIONS / EXPERIENCE
- Diploma or Degree in IT, Computer Science or equivalent.
- Prior work experience in the financial industry is preferred.
- An IT security-related certification such as SSCP, CompTIA Security+ or CEH is preferred.
KNOWLEDGE, SKILLS & ABILITY
- Basic understanding of cybersecurity, IT networking, Windows OS, technical troubleshooting, and problem solving.
- Awareness and understanding of common exploits and vulnerabilities, system hardening, and firewall configuration and rule review.
- Technical skills and hands-on experience with information security solutions and technologies such as Active Directory, LDAP, EDR, antivirus, WAF, proxy, firewall, DLP, SIEM and vulnerability management.
- Excellent interpersonal and analytical skills to enable the implementation of security controls, programs and MAS TRM requirements.
- Sound knowledge of information security management frameworks such as NIST CSF and ISO 27001, and of best practices.