As a Governance, Risk and Compliance Specialist:
Your scope of work includes:
• Writing internal cybersecurity policies and processes.
• Ascertaining security compliance.
• Supporting IT / cyber security audits.
• Tracking and reporting of cyber risks.
Key Responsibilities:
• Develop the culture of cyber security governance and risk management across the organization, and ensure proper accountability in the management, tracking and reporting of cyber risks.
• Provide subject matter advice to internal stakeholders on cyber security requirements that the Authority is required to comply with, including internal policies and standards, as well as policies and standards.
• Review and establish ICT policies and processes controls and conduct compliance checks.
• Support the CIO and CISO, and work with internal stakeholders to:
o Track and monitor cyber security initiatives to meet compliance requirements.
o Participate in consultation and conduct gap analysis against new requirements.
o Assess and seek waiver approvals for deviations and dispensations.
o Coordinate and facilitate IT / cyber security audits.
• Track remediation plans to address audit findings.
What we are looking for:
• Working experience in IT Governance, IT Audit, Cyber security or a related field.
• Relevant certifications in IT governance, IT audit, cyber or data security (e.g. CISSP, CISM, CISA, CGEIT) preferred.
• Ability to work with cross-functional, multi-disciplined teams to institute and monitor security policies and procedures.
• Knowledge of Instruction Manual 8 and CSA Cybersecurity Code of Practice preferred.