Cybersecurity GRC Consultant
Sopra Steria
Sopra Steria, a European Tech leader recognized for its consulting, digital services, and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits.
Sopra Steria is a listed European tech leader specializing in Consulting, Digital Service, and Software. We have 60,000 employees worldwide located in different regions (Europe, North America, and Asia), with Singapore as the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria I2S APAC, in charge of Infrastructure, Cloud, and Cybersecurity services.
Job Description:
In this role, you will join a team of six members from Sopra Steria to support one of our government projects. The scope of work includes:
- Security Risk Assessment
- Security Policies, Standards, Guidelines, And Procedures Review
- Security Design
- Application Security
- Vulnerability Assessment
- System Security Acceptance Testing
You will be an expert in the field of Governance, Risk Assessment, and Compliance.
Responsibilities:
- Conduct information security risk assessments, compliance reviews, and/or audits on client’s systems, which include IT and/or OT infrastructure and applications.
- Develop and review client’s information security framework and policies.
- Work with internal and external stakeholders to deliver consultancy and advisory services.
- Provide subject matter advice to internal stakeholders on cyber security requirements that the organization is required to comply with, including internal policies and standards.
- Participate in consultation and conduct gap analysis against new or revised requirements.
- Follow up on remediation actions, security and risk assessments with respective stakeholders.
- Present management reporting to stakeholders, with analysis of data and trends, and recommend next steps.
Requirements:
- Bachelor's Degree in Cybersecurity, Information Technology, or equivalent.
- At least 3 years of relevant experience in ICT cybersecurity, audit management, governance, risk, and compliance management.
- Proven experience in establishing and optimizing governance frameworks within public and private cloud environments (e.g., AWS, Azure, Google Cloud). Ability to design policies and procedures that ensure effective cloud resource management, cost control, and operational efficiency.
- Relevant certifications in IT governance, IT audit, cyber or data security (e.g. CISSP, CISM, CISA, etc.) preferred.
- Knowledge of information security standards and frameworks such as ISO 27001/2, MAS TRM, NIST CSF, GovTech IM8, and CIS Controls.
- Technical knowledge of security vulnerabilities, validation of remediations, and risk assessments.
- Ability to work with a cross-functional, multi-disciplined team.
- Excellent oral and written communication skills.
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
