Responsibilities:
• Develop, implement, and maintain privacy policies, procedures, and controls to ensure compliance with global data protection regulations (e.g., GDPR, CCPA, HIPAA).
• Conduct risk assessments and data protection impact assessments (DPIAs) to identify and mitigate potential compliance risks.
• Provide expert guidance on personal information protection strategies and ensure compliance with privacy laws and standards.
• Collaborate with cross-functional teams to implement and monitor compliance initiatives.
• Ensure the organization’s information systems meet regulatory and security compliance requirements.
• Lead initiatives to maintain and improve network security compliance programs, addressing vulnerabilities and mitigating risks.
• Partner with IT and cybersecurity teams to enforce security protocols and ensure robust protection of sensitive information.
• Monitor and assess emerging security threats and compliance changes, adapting company policies accordingly.
• Lead internal audits to evaluate compliance with organizational policies, regulatory requirements, and industry standards.
• Manage external audit engagements, including coordinating with third-party auditors and ensuring timely remediation of findings.
• Develop and maintain audit documentation, ensuring accuracy and readiness for regulatory reviews.
• Report audit results and recommend improvements to senior leadership.
Requirements:
• Bachelor’s degree in Information Technology, Cybersecurity, Law, or a related field.
• Minimum of 13 years of experience in privacy, compliance, and audit roles.
• Deep understanding of global data protection laws and frameworks (e.g., GDPR, CCPA, ISO 27001, NIST).
• Proven experience in information systems security compliance and personal information protection.
• Strong knowledge of internal and external audit processes and methodologies.
• Expertise in managing cross-functional teams and communicating compliance requirements effectively.
• Relevant certifications such as CIPP/E, CIPM, CISSP, CISM, or ISO 27001 Lead Auditor.
• Familiarity with privacy-enhancing technologies and data anonymization techniques.
• Experience with compliance tools and platforms (e.g., GRC tools, DLP systems).
• Excellent analytical, problem-solving, and decision-making abilities.
• Business-level spoken Mandarin is required to communicate daily with counterparts, stakeholders, and vendors based in the China region.
Disclaimer: The company is committed to ensuring the privacy and security of your information. By submitting this form, you consent to the collection, processing, and retention of the information you provide. The data collected (which may include your contact details, educational background, work experience and skills) will be used solely for the purpose of evaluating your qualifications for the position you're applying for. Your data will be stored securely and retained for the duration necessary to fulfill our hiring process. If you are not selected for the position, your data will be kept on file for a limited period in case future opportunities arise. You have the right to access, correct, or delete your data at any time by contacting us at Quess Singapore (quesscorp.sg).