Senior Governance, Risk, and Compliance Analyst
Hyatt
Cyber SecurityGo
Senior Consultant, Cybersecurity
Infosys
full-time
Posted on:
Origin: • 🇸🇬 Singapore
Visit company websiteJob Level
Senior
Tech Stack
Cyber Security
About the role
- Support defining, enhancing, evolving, and demonstrating company’s point of view and delivery approach of cybersecurity-focused services
- Handle Issue and Exception handling process and Risk management
- Build and maintain client relationships; develop strategic vision for clients and internal teams
- Play GRC role for ISO27k and PCI DSS
- Perform review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively
- Maintain Technology Policies, Standards and Control Library aligned with industry practices (ISO, NIST, CSA)
- Lead customer audit engagement (internal and external) and provide oversight on all IT audit matters
- Conduct reviews to ensure systems and processes comply with existing technology policies and standards
- Perform Operational Security Reviews, Audits and Security Incident Management review
- Support Compliance Scanning, Management and Reporting
- Support Security audit and assessment activities (data collection, evidence support, report generation) and review third-party support reports
- Communicate risks and system issues to stakeholders to avoid program risks and escalations
- Maintain procedures and controls to assure compliance with regulatory and legal requirements and good business practices
- Liaise with internal & external Audit, Corporate Compliance and Risk
- Ensure policies are reviewed and updated regularly
- Promote and monitor the IS Security awareness program
- Maintain expertise on security trends through training, research, and development
Requirements
- Bachelor's degree in Computer Engineering
- 10-15+ years of relevant experience in Cyber Security
- Experience defining, enhancing, evolving, and demonstrating company’s delivery approach of cybersecurity-focused services
- Experience handling Issue and Exception handling process and Risk management
- Experience building and maintaining client relationships and developing a strategic vision
- Experience playing GRC role for ISO27k and PCI DSS
- Experience performing review of RCSA (Risk Control Self-Assessment) to ensure controls are designed and operating effectively
- Experience maintaining Technology Policies, Standards and Control Library aligned with industry practices (ISO, NIST, CSA)
- Experience leading customer audit engagements (internal and external) and oversight on IT audit matters
- Experience conducting reviews to ensure systems and processes comply with technology policies and standards
- Hands-on experience in Operational Security Reviews, Audits, and Security Incident Management review
- Experience supporting Compliance Scanning, Management and Reporting
- Experience supporting security audit and assessment activities (data collection, evidence support, report generation) and reviewing third-party support reports
- Strong familiarity with frameworks such as ISO standards, GDPR, NIST, PCI DSS
- Professional certifications desirable: CISA, CISM, CRISC, or CISSP
- Good understanding of financial domain and Security IT
Similar jobs on JobTailor
Security Operations Engineer
AdRoll, a division of NextRoll
Cyber Security
GRC Lead
WELL Health Technologies Corp. (TSX: WELL)
Cyber Security
Manager, Corporate Governance, Risk, and Compliance (GRC)- Remote (Anywhere in the U.S.)
GuidePoint Security
Cyber Security
Associate Cyber Governance, Risk & Compliance Analyst
Boeing
Cyber Security