Job Summary
As a Governance, Risk and Compliance Specialist in the MAS’s Cybersecurity (CySD) Division’s Security Governance &
Compliance (SGC) team, you will be a subject matter expert advising internal stakeholders on cybersecurity compliance
requirements. You will be working closely with application teams and line 2.
Your scope of work includes:
• writing internal cybersecurity policies and processes;
• ascertain security compliance;
• support IT / cyber security audits; and
• tracking and reporting of cyber risks.
Key Responsibilities
• Develop the culture of cyber security governance and risk management across the organisation, and ensure proper
accountability in the management, tracking and reporting of cyber risks.
• Provide subject matter advice to internal stakeholders on cyber security requirements that the Authority is required
to comply with, including MAS’ internal policies and standards, as well as policies and standards from GovTech and
Cyber Security Agency of Singapore.
• Review and establish ICT policies and processes controls, and conduct compliance checks.
• Support the CIO and CISO, and work with internal stakeholders to:
o Track and monitor cyber security initiatives to meet compliance requirements.
o Participate in consultation and conduct gap analysis against new requirements.
o Assess and seek waiver approvals for deviations and dispensations.
o Coordinate and facilitate IT / cyber security audits.
• Track remediation plans to address audit findings.
What we are looking for
Working experience in IT Governance, IT Audit, Cyber security or related field.
• Relevant certifications in IT governance, IT audit, cyber or data security (e.g. CISSP, CISM, CISA, CGEIT, etc.) preferred.
• Ability to work with cross-functional, multi-disciplined team to institute and monitor security policies and procedures.
• Knowledge of Instruction Manual 8 and CSA Cybersecurity Code of Practice preferred.
