Cyber Security GRC Senior Specialist

Key Responsibilities

• Perform comprehensive reviews of critical Information Security processes, such as Patch Management and Open-Source Vulnerability Management, across all required technology systems within the organisation. Ensure that the necessary security controls are consistently implemented to mitigate risks and align with industry standards and organisational policies.
• Work closely with cross-functional teams, including IT, operations, and security teams, to identify, prioritise, and remediate vulnerabilities across various production system platforms. Act as a liaison between technical and non-technical stakeholders to ensure vulnerabilities are understood and addressed in a timely manner.
• Proactively monitor the progress of vulnerability remediation activities, ensuring that all identified security issues are resolved within the specified timelines. Conduct verification checks to confirm the effectiveness of corrective actions and ensure that vulnerabilities are fully mitigated.
• Provide regular updates and detailed reports to relevant risk committees, highlighting any outstanding vulnerabilities, their potential impact, and the status of their resolution. Ensure that senior management is kept informed of any critical security gaps that may pose risks to the organisation.
• Continuously track and report on relevant Key Risk Indicators (KRIs) to assess the organisation’s risk exposure. Conduct Risk Control Self-Assessments (RCSAs) to identify and mitigate potential risks within existing controls and processes.
• Assist with other security-related tasks and projects as assigned, including contributing to audits, process improvements, policy updates, and any emerging compliance requirements to enhance the organisation’s overall Information Security posture.

Requirements

• Bachelor’s Degree in Computer Science, Information Systems, IT Security, or related fields.
• Minimum of 5 years of relevant experience in managing internal controls within an IT control environment, with a strong focus on compliance and security best practices.
• In-depth understanding of regulatory requirements in Singapore, including frameworks such as the MAS TRMG Guidelines and MAS Cyber Security Hygiene.
• IT Security or IT-related certifications (e.g., CISSP, CCNA, CEH, etc.) are highly desirable.
• Strong awareness of current security trends and events, with a demonstrated passion for staying informed on the latest developments in the cybersecurity landscape.
• Excellent team collaboration skills, with attention to detail and the ability to remain resilient under pressure.
• Self-motivated and independent, able to manage workloads effectively and meet deadlines in a fast-paced environment.