Key Responsibilities
Governance & Compliance
- Develop, implement, and maintain security policies, procedures, and standards in line with industry best practices (ISO 27001, NIST, CIS, etc.).
- Ensure compliance with regulatory requirements (MAS TRMG, CCoP).
- Assist in internal audits and security assessments to identify gaps and recommend corrective actions.
- Support third-party risk assessments and vendor security compliance.
Risk Management
- Conduct risk assessments and identify potential security threats, vulnerabilities, and mitigation strategies.
- Develop and maintain a security risk register, tracking risk treatment plans and progress.
- Monitor emerging security threats and ensure proactive risk management strategies.
- Assist in business continuity and disaster recovery planning related to security risks.
Security Awareness & Training
- Develop and deliver security awareness training programs for employees.
- Promote a culture of security by advising stakeholders on best practices.
Requirements
Educational and Experience
- Bachelor’s in Computer Science, Computer Engineering, Information Security, or related fields. Minimum of 4 years in security governance, risk, or compliance management, preferably within the financial services or payment systems industry.
Skills and Knowledge
- Strong understanding and familiarity with regulatory requirements such as MAS Notice on TRM, MAS Notice on Cyber Hygiene, MAS Technology Risk Management Guidelines, MAS Outsourcing Guidelines and the Cybersecurity Code of Practice are preferred
- Good knowledge of industry security framework such as NIST Cybersecurity Framework
- Strong problem-solving and analytical skills with a keen eye for details
- Excellent communication and stakeholder management skills
- Working experience in a highly regulated environment would be advantageous
Report job
