- Administer, own and support. Lead in all areas of compliance and quality for the Business Unit. This includes implementing and reviewing documentation, control objectives and risk assessments, and adopting frameworks such as QMS, ITIL, ISMS, COBIT, ISO, MTCS, MAS TRM.
- Provide and support IT governance for the BU with a structured, standardized framework on policies, standards, guidelines & processes, documentation and records management
- Conduct internal audits, interpret organizational IT policies, identify risks associated with control failures and support the mitigation of the risk to the business
- Conduct security awareness training for internal and external customers
- Coordinate and review external customer monthly security assessment reports
- Perform regulatory audits (ISAE, ISO, SOX, MAS TRM, PCI-DSS, VARM) as defined, and follow up on audit findings and improvements until closure
- Be a Subject Matter Expert on audit and compliance
- Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level assessments on baseline hardening.
- Partner with governance to ensure control owners update the control documents periodically to reflect the current control environment and company standards.
- Engage management in discussion about efficient and effective ways to improve the internal data privacy control environment.
- Perform other tasks as necessary to ensure IT Compliance meets its commitments to customers.
- Be a Subject Matter Expert on audit and compliance, providing consultative direction and reviewing the quality of deliverables.
- Support activities to strengthen the IT Compliance Program.
- Support BCM and DR activities.
- Understanding of security functions including but not limited to Change & Incident Management, BCP/DR, Identity and Access Management, and IT Risk Management.
- Perform other duties as assigned or required.
- 3+ years of overall IT experience
- 2+ years of IT Compliance involving HIPAA, SOX, SSAE16, PCI DSS
- Solid knowledge of audit processes and auditing skills
- Ability to perform audit analysis and create summary documentation
- Advanced skills with MS Excel with ability to quickly manipulate and analyse data using Excel functions
- Experience with managing customer relationships
- Detail-oriented, with strong written and oral communication skills
- Ability to multi-task projects or assessments in a fast-paced environment
- ISO27001, CISA/CISM/CISSP or other related IT security industry certification strongly preferred
- Knowledge in standards such as ISO27001, ISO9000, MAS TRM, MTCS, ISAE3402, PCI DSS, SOX, CIS, NIST and Information Security
- Experience in data analysis, application and system security and controls
Shortlisted candidates will be offered 1-year agency contract employment.