Qualification training shall be provided as necessary to attain competency to deliver job responsibilities.
Main Job Responsibilities:
- Conduct 3rd party audits to assess organizations' Information Security Management System and related Statement of Applicability (SoA) for conformity with ISO/IEC 27001 and in strict compliance with GIC's Code of Ethics and established audit procedures
- Conduct other related Information Security, Cybersecurity, Data Protection audits – ISO/IEC 27701, ISO/IEC 27017, ISO/IEC 27018, CSA Cyber Essentials mark, CSA Cyber Trust mark, IMDA Data Protection Trust mark, GDPR Compliance audits, Second Party IT audits
- Conduct Information Security, Cybersecurity, Data Protection trainings/workshops/seminars
- Manage the entire audit process from planning, conducting, reporting, and following up on the assigned audits.
- Support in technical review of audit reports and technical advice to Sales Team and Certification Team as and when required.
Job Qualifications / Requirements:
- Possess a professional degree in Computer Science/Information Security/Cybersecurity or related fields to Information Technology
- At least two years are in a role or function relating to information security/Cybersecurity
- Successfully completed a Lead Auditor Course in ISO/IEC 2700 Information Security Management System (ISMS)
- Having completed training courses in Singapore PDPA Fundamentals/Practitioner and holding industry certifications like CISA, CIPM, CISSP will be advantageous