One of our leading NBFSI clients is looking to hire a Tech & Cyber Risk Control Consultant with any of relevant certifications (e.g., CISSP, CISA, CISM, CRISC). Must have experience in cybersecurity risk management practices, implement and maintain robust control assurance processes.
Key Responsibilities:
Control Assurance Framework:
- Develop, implement, and maintain a comprehensive control assurance framework for technology and cybersecurity functions.
- Establish and enforce control testing methodologies to assess the effectiveness of existing controls.
Risk Identification and Assessment:
- Collaborate with technology and security teams to identify and assess risks associated with Cloud, systems, applications, and infrastructure.
- Conduct risk assessments to evaluate the impact and likelihood of identified risks.
IT & Security Policies and Standards Management:
- Oversee the maintenance of IT & Security policies and standards.
- Ensure compliance with established policies and standards across technology and security functions.
Issues, Incident/Exception Tracking, and Reporting:
- Implement and manage processes for tracking and reporting technology and security issues, incidents, and exceptions.
- Provide timely and comprehensive reports to relevant stakeholders, including the CISO.
Tech and Security Control Testing and Assessments:
- Lead and coordinate regular testing and assessments of technology and security controls.
- Manage the remediation of control deficiencies identified through testing and assessments.
Must carry out below mention tasks:
- IAM Governance
- Monthly Phishing Test Management
- Special Security Projects
- DLP Rollout and Monitoring
- Support Governance Committees
- Audit Artifacts and Compliance Management
- Regulatory Assessments and Reporting
- Maintain OSPAR Compliance
- Ad-Hoc Tasks Directed by CISO
Qualifications and Skills:
- Bachelor’s degree in computer science, Information Security, or a related field.
- Master's degree or relevant certifications (e.g., CISSP, CISA, CISM, CRISC) preferred.
- 5 years of relevant working experience
- Proven experience in technology risk management, control assurance, or related fields
- Strong understanding of cybersecurity principles, frameworks, and best practices.
- Excellent communication and interpersonal skills with the ability to collaborate effectively across technical and non-technical teams.
- Experience working with technology and security professionals in a first line-of-defence capacity.
- Demonstrated ability to lead and drive change in a complex and dynamic environment.
- Strong analytical and problem-solving skills.
Interested candidates may apply through the application system or send it to [email protected]. Shortlisted candidates will be notified.
By sending us your personal data and curriculum vitae (CV), you are deemed to consent to Morgan Mckinley Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.morganmckinley.com/sg/privacy-policy. You acknowledge that you have read, understood, and agree with the Privacy Policy.
Morgan McKinley Pte Ltd
Koh Boon Sien
EA Licence No: 11C5502
EA Registration No. R1110345