Singtel
The Singtel Group, Asia's leading communications group provides a diverse range of services including fixed, mobile, data, internet, TV, infocomms technology (ICT) and digital solutions.
NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.
We’re searching for a Risk & Compliance Analyst to be part of our diverse team of talents here at NCS!
If you believe in going above and beyond, want to exemplify the best, and wish to bring people and technology together like never before, then we would love to have a conversation with you!
Overview
To develop and drive effective cyber security compliance programs involving activities such as to review and develop security policies, processes/procedures and guidelines, establish compliance with policies, standards, conduct security risk assessment, assist in security advisory, audits and reviews.
What we seek to accomplish together:
- Develop and implement cybersecurity awareness programs across the organization.
- Conduct phishing simulation exercises to enhance staff awareness and resilience.
- Perform Third-Party Risk Management (TPRM) assessments for NCS suppliers and evaluate risk assessments for any deviations.
- Review cybersecurity deviation requests, monitor their expiry dates, and follow up as needed.
- Create and maintain Standard Operating Procedures (SOPs) for CyberGRC activities.
- Provide guidance and support to staff on cybersecurity policies and standards.
- Manage and update the CyberGRC SharePoint site with current activities and resources.
- Assist with the preparation of monthly CyberGRC reports.
A little bit about you:
- Degree/Diploma or higher in Computer Science, Information Systems or equivalent
- At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) or Technology specific certification
- At least 3-4 years of experience in IT, Cybersecurity, Risk Management
- Understanding of control and risk management concepts including control testing, risk assessments, risk treatment and third party risk.
- Knowledge of risk management policies, methods, standards, processes, governance models, and both quantitative and qualitative risk analysis approaches.
- Knowledge of common information security management frameworks, such as ISO 27001-5, COBIT and NIST, including 800-53 and Cyber security Framework.
We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.
Together, we make the extraordinary happen.
Learn more about us at ncs.co and visit our LinkedIn career site.