Overview
Cybersecurity GRC Consultant Jobs in Singapore, Singapore at Sopra Steria
Title: Cybersecurity GRC Consultant
Company: Sopra Steria
Location: Singapore, Singapore
Company:Sopra Steria is a listed European tech leader specializes in Consulting, Digital Service, and Software. We have 60,000 employees worldwide located in different regions (Europe, North America and Asia), whereby Singapore is the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria I2S APAC, in charge of Infrastructure, Cloud and Cybersecurity services.
Descriptions:In this role, you will join a team of six members from Sopra Steria to support one of our government project. The scope of work includes:
Security Risk Assessment
Security Policies, Standards, Guidelines, And Procedures Review
Security Design
Application Security
Vulnerability assessment and
System Security Acceptance Testing
You will be an expert in the field of Governance, Risk Assessment, and Compliance.
Responsibilities
:
Conduct information security risk assessments, compliance reviews and/or audits on client’s systems, which include IT and/or OT infrastructure and applications
Develop and review client’s information security framework and policies
Work with internal and external stakeholders to deliver consultancy and advisory services
Provide subject matter advice to internal stakeholders on cyber security requirements that the organisation is required to comply with, including internal policies and standards
Participate in consultation and conduct gap analysis against new or revised requirements
Follow up on remediation actions, security and risk assessments with respective stakeholders
Present management reporting to stakeholders, with analysis of data and trends, and recommend next steps
Requirements
Bachelor’s Degree in Cybersecurity, Information Technology or equivalent
At least 3 years relevant experience in ICT cybersecurity, audit management, governance, risk and compliance management
Proven experience in establishing and optimizing governance frameworks within public and private cloud environments (e.g., AWS, Azure, Google Cloud). Ability to design policies and procedures that ensure effective cloud resource management, cost control, and operational efficiency
Relevant certifications in IT governance, IT audit, cyber or data security (e.g. CISSP, CISM, CISA, etc.) preferred
Information security standards and frameworks such as ISO 27001/2, MAS TRM, NIST CSF, GovTech IM8, and CIS Controls
Technical knowledge of security vulnerabilities, validation of remediations and risk assessments
Ability to work with cross-functional, multi-disciplined team
Excellent in oral and written communication
Benefits
Regular team buildings
18 leave days / year
Insurance: GP, Hospitalisation, Dental and Optical
Annual bonus
Working hours: from 8:30am to 6pm, Monday to Friday
Training and certifications paths
