IT Security Analyst (Governance & Assurance)

Responsibilities:

• Build an effective IT Assurance Framework according to the industry best practices and standards, technologies, relevant regulatory and requirements.
• Support and lead the enhancement, review and development of IT security policy, processes and procedures
• Enhance and automate the existing IT Control Framework
• Lead periodic IT control / IT assurance campaign to ensure the performance of control execution of technology teams and technology related processes
• Assist on external assessment requests, regulatory inspections, certification campaigns and external audit engagements.
• Perform ad-hoc tasks as requested by the team.

Requirements:

• Bachelor’s Degree (in any Discipline) with strong passion in IT Audit and Information Security
• Strong communication skills to collaborate with various stakeholders in English.
• 1 to 3 years of work experience at least one of the below areas:
  • IT Audit and Assurance
  • IT Risk and Control
  • IT Compliance
  • Policy Writing and Process Improvement
  • Enterprise Risk Management
  • Regulatory Reporting
• Experience in at least two of the below framework, certification and regulatory requirements is preferred:
  • MAS Technology Risk Management Guideline and Cyber Hygiene Notice
  • ISO 27001 / 27002 / 27701
  • NIST Cybersecurity Framework
  • SOC 2 / AICPA Trust Service Criteria
  • GDPR
  • COBIT 5
• Any relevant certification including CISA, CISM, CISSP, CRISC, ISO27001 Lead Auditor would be an added advantage.