Senior Manager, IT Security Governance

Job title: Senior Manager, IT Security Governance
Contract type: Permanent
Location: Singapore
Salary: $6,000 - $10,000
Reference: PR/081558
Contact details: Sarah Chin
Contact email:
Job published: November 05, 2021 17:40
Assisting the IT Governance Risk and Compliance (IT GRC) Lead, you will be part of the Group-wide IT GRC team to drive GRC functions across the organisation.
Main Duties and Responsibilities:
  • Drive governance function for ongoing compliance against:
  • Group IT security policies and standards
  • IT legislative and regulatory requirements, such as PDPA, GDPR, MAS TRM & PCI
  • Develop and drive an ongoing IT security score card framework to reflect the state of compliance of the computing environment.
  • Develop and drive ongoing IT risk management framework to ensure adequate risk management measures are put in place, such as:
  • Vulnerability management: Identify internal and external security threats/ vulnerabilities associated with technologies, including Cloud and Internet of Things (IoT), and hacking techniques
  • Access management: Perform periodic review of system access rights
  • Conduct periodic reviews and update Group IT security policies and standards where required, based on business feedback, deviation requests and audit findings.
  • Track and manage policy deviation requests
  • Provide liaison and support to business during IT audits.
  • Provide reporting to Management on key IT GRC measurements.
  • Track and monitor applicable MAS advisories and circulars
  • Provide IT security advisory to business unit IT teams globally and internal IT projects
  • Perform evaluation of technology and solution vendors for internal IT projects.

  • Minimum 8 years and above of IT Security work experiences in IT GRC, IT Risk Management, or IT Security Consultancy.
  • Possess security related certifications such as CISSP, CISM, CRISC or CISA.
  • Strong information security knowledge of IT regulations such as PDPA, GDPR, MAS TRM and PCI DSS, as well as industry best practices/principles such as ISO27001, NIST and CCSK.
  • Experience in cloud and operational technology environments and/or critical information infrastructures will be an added advantage.
  • Highly disciplined and diligent in driving deliverables strictly within defined timelines.
  • Strong communication/presentation/writing skills
  • Disciplined in being guided by a set of baselines such as IT security policies, standards, procedures and/or frameworks.
  • Logical and methodological, with good planning & organizational skills.
  • Able to work independently and as a strong team player.
  • Good interpersonal skills.
  • Experience in working in companies in bigger setup with various lines of businesses.

Working Location: Singapore

Apply online or feel free to contact me directly (via for more information about this opportunity. Due to the high volume of applicants, we regret to inform that only shortlisted candidates will be notified. Thank you for your understanding.

Sarah Chin (R 1655546)
JAC Recruitment Pte Ltd (EA Lic No: 90C3026)