Information Security Governance, Risk & Policy

Job Summary

  • Singapore
  • Permanent
  • BBBH760533
  • Sep 01, 2020
  • Competitive
Job Description

Information Security - Senior Manager - GRC & Policy


A leading organisation in the Healthcare Technology sector, transforming healthcare through smart technology and the latest innovations. The company values talent and promotes career progression.

Job Role: Senior Manager

Department: CISO Office

Role and Responsibilities

  • Defining and maintaining corporate-wide information security governance and controls to ensure that information assets are adequately protected
  • Identifying, evaluating and reporting information security risks in a manner that meets compliance and regulatory requirements
  • Ensuring that security policies, standards, procedures and guidelines are kept relevant to evolving security risks and govern compliance with regulatory requirements
  • Structuring and enhancing security artefacts such as high-level information security requirements, security hardening guides and security patching baselines
  • Analysing business and operations initiatives to identify the business and application security risks, review the specified requirements and assess the control implementations to ensure information security risks are managed
  • Creating and managing the relevant dashboards and tools to support management reporting on the security metrics relating to the operating environment, inclusive of OS, DB hardening, user awareness training, phishing exercises, DLP and vulnerability assessments
  • Strong end-to-end knowledge of cyber, security, governance, risk and policies

Requirements / Qualifications

  • 8 - 10 years of technology work experience, with a minimum of five years of information security knowledge and experience in information security risk assessment and management
  • Security certification such as CISSP, CISM, CISA or other information security credentials is essential
  • Experience in the development and implementation of application and solutions is a plus
  • Experience working and liaising with auditors to review and assess control frameworks is a plus
  • Strong change champion with the ability to master key concepts on cybersecurity related use cases and articulate security objectives to stakeholders across all levels
  • Knowledge of security and control frameworks, such as ISO 27001/2, COBIT, COSO and ITIL
  • Results-oriented, decisive and able to manage conflicts
  • Adaptable and able to deal with constant change

EA Licence No: 11C5502
Registration No: R1876903
Registration Name: Shalu Surana

Consultant Details

Shalu Surana
  • Programme Delivery Consultant | M3S
  • +65 6818 3144