Deskripsi Pekerjaan
Career Ally is seeking a proactive Cybersecurity Analyst (Governance, Risk & Compliance) to strengthen our security posture in Singapore’s Central Region. As part of our team, you will play a critical role in protecting our financial services infrastructure, ensuring regulatory compliance, and guiding the organization toward robust risk management.
You’ll collaborate with cross‑functional teams to design and enforce security policies, conduct risk assessments, and monitor the threat landscape. Your insights will directly influence strategic decisions, helping us stay ahead of emerging cyber threats while maintaining the trust of clients, regulators, and stakeholders.
Key aspects of the role include translating complex security requirements into actionable controls, leading compliance audits, and delivering clear reporting to senior leadership. This position offers ample opportunities for professional growth, exposure to cutting‑edge security technologies, and a supportive environment that values continuous learning.
We offer a competitive compensation package, flexible work arrangements, and a clear career progression pathway for ambitious professionals who thrive in dynamic, regulated environments.
Tanggung Jawab
- Develop, implement, and maintain governance, risk, and compliance (GRC) frameworks aligned with industry standards (e.g., ISO 27001, NIST, MAS TRM).
- Conduct risk assessments, vulnerability assessments, and security audits to identify gaps and recommend remediation actions.
- Monitor and analyze security events using SIEM tools, ensuring timely detection and response to potential threats.
- Partner with IT and business stakeholders to design and enforce security policies, procedures, and controls.
- Prepare and present compliance reports, risk metrics, and Board-level security updates.
- Support incident response activities, including root‑cause analysis and post‑incident reporting.
- Stay current with regulatory changes (e.g., PDPA, MAS regulations) and integrate them into the organization’s security posture.
Kualifikasi
- Bachelor’s degree in Computer Science, Information Security, or a related field; professional certifications such as CISM, CISSP, or CRISC are advantageous.
- Minimum 2‑4 years of experience in a GRC, security analyst, or risk management role, preferably within the financial sector.
- Strong knowledge of regulatory frameworks (ISO 27001, NIST, MAS, PDPA) and best practices in information security.
- Proficiency with SIEM platforms, vulnerability assessment tools, and GRC software.
- Excellent analytical, problem‑solving, and communication skills, with the ability to translate technical risks to non‑technical audiences.
- Detail‑oriented mindset with a proven track record of managing multiple priorities in a fast‑paced environment.
- Experience in conducting internal audits, policy development, and security awareness training is a plus.