Client Information Security Deputy Lead


in Singapore
Permanent, Full time
Last application, 16 Sep 21

Main Job Responsibilities:
  • Serve as the deputy lead in the absence of the Director, covering the Client Information Security Lead function and team management to ensure the success of the client information security program.
  • Collaborate with NCS Project & Quality teams and provide security consulting and advisory on security technology, security best practice and regulatory compliance.
  • Act as a cyber security incident response advisor on potential security matters.
  • Ensure that the accounts' cybersecurity controls comply with the Group's Cyber Security policies, standards, and guidelines, as well as the relevant regulatory requirements.
  • Administer compliance with policies and standards through ongoing compliance assessments, audits and ad-hoc reviews.
  • Develop account security scorecard and risk register report to facilitate management oversight and call out any potential cyber security risk.
  • Partner with internal and external audit teams to manage effective audits, moving from a compliance and point-in-time perspective to a risk-driven, continuous, proactive compliance approach.
  • Serve as a senior security liaison officer across lines of business and accounts.

The ideal candidate should possess:
  • A minimum of a Degree/Diploma or higher in Computer Science, Information Systems or equivalent
  • At least one security certification is preferred, such as Certified Information Security Management (CISM), Certified Risk Information Security Control (CRISC), or Certified Information Systems Security Professional (CISSP)
  • At least 10 years of experience in IT Risk Management, Governance or Compliance.
  • Understanding of control and risk management concepts including control testing, risk assessments, risk treatment and third party risk.
  • Knowledge of risk management policies, methods, standards, processes, governance models, and both quantitative and qualitative risk analysis approaches.
  • Knowledge of common information security management frameworks, such as ISO 27001-5, COBIT and NIST, including 800-53 and the Cybersecurity Framework.
  • Senior stakeholder management and working across various parts of the organization.
  • At least 5 years of experience in managing a cyber security or IT risk function within an organization, with 3 years of experience in Enterprise IT or Cyber Operations.
  • Strong communication skills, both written and verbal
  • Candidates with technical hands-on experience in both cyber security and information security.
  • Good understanding of the following areas: DCM/DR, Platform Security, Data Security, Network Security, Physical Security, Security Assessment Tools, Security Monitoring Tools.
