Job Description

Job Title:

Security GRC Lead/ ISO

About the Role

We are hiring an

Security GRC Lead/ISO

for our client in the

insurance sector

. This is a senior leadership role responsible for developing and executing the enterprise-wide information security strategy. The successful candidate will drive policy, governance, and risk management initiatives while overseeing cybersecurity operations and ensuring alignment between business and security objectives.

Key Responsibilities

Develop and lead the company-wide information security strategy in alignment with business goals and regulatory standards (e.g., MAS TRM, ISO 27001). Serve as the key advisor and senior leadership on cybersecurity and risk matters. Lead the creation and enforcement of security policies, procedures, and standards. Manage security risk assessments, third-party/vendor risk, and compliance initiatives. Oversee incident response and threat management across the organization. Monitor and report key security metrics, including incident response time, system availability, and vendor performance. Evaluate and implement emerging cybersecurity technologies and best practices.

Qualifications

Bachelor's or Master's in Computer Science, Information Security, or related field. Professional certifications such as

CISSP, CISM, CISA, CRISC

, or equivalent are preferred.

8-10 years

of relevant experience, with at least 5 years in a security leadership role (e.g., IT Security Manager, CISO). Proven experience in

regulated industries

, ideally within financial services or insurance. Strong knowledge of

MAS TRM guidelines

, risk frameworks, and GRC practices. Excellent leadership, communication, and stakeholder management skills.
If this opportunity aligns with your skills and career goals, we encourage you to apply.







EA License: 21C0783


EAP Registration No: R24123529