Job Description

For Posting Welcome to Brighter! Ready to be part of a company that is not only leading the market, but transforming in the most exciting way? In Singapore, we are a team of experts who believe in building brighter futures for our For Posting Welcome to Brighter! Ready to be part of a company that is not only leading the market, but transforming in the most exciting way In Singapore, we are a team of experts who believe in building brighter futures for our clients and community by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and wellbeing. At Mercer, we walk the talk: Voted #1 HR Consulting Company globally Recognized as Asset Consultant of the Year for 4 consecutive years by Asia Asset Management Named Best Employee Engagement Consultancy and Best Corporate Wellness Provider by Human Resources Online Great Package and Recognition Programs Energetic & flexible environment surrounded by supportive colleagues We take care of our people and we pride ourselves in our diverse and inclusive workforce with our 'people first' culture. We make sure our people are continually learning and growing, providing them with outstanding career development, on-the-job learning opportunities and financial rewards. Most importantly, we are committed to making your journey with us meaningful and fun. In order to support our team and strengthen the growth of our APAC business, we are looking for an: Information Security Analyst (Governance) What can you expect Darwin Technologies Ltd is a market leader in innovative technology and consultancy services related to total reward and flexible benefit programmes. Some of Darwin's clients include some of the world's best known brands across financial service, e-commerce and business services. We will count on you to: Reporting to the Information Security Manager in London, you will be contributing to the management of Information Security Governance across the global business by: Assist with the management of the ABS - OSPAR (Singapore specific) audit process and continued attestation as held by our parent company Mercer. Maintain ISO 27001: 2013 Certification in our Singapore office - but also to assist with the ISMS across our global offices. Reporting information security compliance and risk to key stakeholders within the business through the input into the risk ledger and overall ISRM process. Assisting with Information Security incident management and remediation across our global offices Occasionally acting as an SME to the pre-sales and RFP process by reviewing client surveys/producing and maintaining security schedules for both clients and internal stakeholders. Supporting where applicable any client led audits (remote and on premise). Contributing to the review of Information Security requirements as part of the contractual process where required. Overseeing and assisting with the Application and Infrastructure Penetration testing process as managed by our independent and external suppliers. Contributing to pragmatic and practical security controls and solutions being implemented as aligned with business objectives. Liaising with internal Development, Infrastructure, Architecture and Product teams in relation to information security threats, vulnerabilities and recommending mitigations. Helping to maintain an ongoing security awareness and training program across all global offices. Working with the wider teams across the organization to ensure good security hygiene is maintained as per business objectives. What you need to have: This role is a mixed bag of having some technical know-how of technologies and a wider view of governance as a result the suitable candidate will need to have: Excellent verbal and written communication skills Exposure or experience with involvement with ABS-OSPAR audits Experience with managing internal and external audits within an organisation Experience of helping to drive Information Security initiatives within a global business Exposure maintaining/contributing to the management of ISO 27001 Certification - ideally within a Global technology business Experience in conducting Information Security reviews or audits Experience in helping to deliver ongoing security awareness and training Some knowledge or experience in Privacy/Data Protection and/or working with Risk/Compliance functions Flexible attitude, and an ability to perform under pressure Personable and approachable Qualifications (Desirable): Any ISO 27001:2013 related certifications, e.g. Lead Implementer Lead Auditor CISSP CISA/CISM University graduate in Computer Science related discipline At Mercer, we are as invested in creating brighter futures for our people as we are for our clients. Now is a great time to join a global organization that's leading on critical market issues. Welcome to Brighter! MERCER believes in building brighter futures by redefining the world of work, reshaping retirement and investment outcomes, and unlocking real health and well-being. Mercer's more than 25,000 employees are based in 44 countries and the firm operates in over 130 countries. Mercer is a business of (NYSE: MMC), the world's leading professional services firm in the areas of risk, strategy and people, with 76,000 colleagues and annual revenue of $17 billion. Through its market-leading businesses including , and , Marsh & McLennan helps clients navigate an increasingly dynamic and complex environment. For more information, visit . Follow Mercer on Twitter .