Job Description

We use cookies to offer you the best possible website experience. Your cookie preferences will be stored in your browser's local storage. This includes cookies necessary for the website's operation. Additionally, you can freely decide and change any time whether you accept cookies or choose to opt out of cookies to improve the website's performance, as well as cookies used to display content tailored to your interests. Your experience of the site and the services we are able to offer may be impacted if you do not accept all cookies. Modify Cookie Preferences
Reject All Cookies Accept All Cookies
Press Tab to Move to Skip to Content Link
Search Jobs

IT Consultant, IT Compliance & Risk Management
Posting Start Date: 11/09/2025
Schemes of Service: Corporate
Division: Communications & Information Technology
Employment Type: Fixed Term
Reporting to the Principal IT Consultant, this role supports the Communications & Information Technology Division by ensuring robust IT Governance, Risk & Compliance (GRC) which includes development, implementation, and monitoring of IT governance frameworks, policies, processes to ensure the organisation's IT practices align with regulatory requirements, industry standards, and strategic business goals.
Key Responsibilities

• Drive organisational awareness and engagement to support IT GRC objectives.
• Manage and coordinate IT audits by working with internal stakeholders to gather required information and review submissions to auditors.
• Ensure IT policies, procedures and controls are up to date, properly documented with relevant stakeholders, and aligned with current processes to reduce risk.
• Develop, maintain, review and report on the IT Risk Register.
• Perform internal control testing or sampling checks to ensure compliance with IT policies and procedures.
• Schedule and participate in periodic risk self-assessments, and track remediation action plans to closure.
• Support initiatives to assess the adequacy and effectiveness of IT controls and policies and oversee remediation activities to address compliance gaps.
• Coordinate with relevant stakeholders on quarterly IT Disaster Recovery (ITDR) exercises and follow-up actions.
• Consolidate IT incidents and conduct root cause analysis.
• Identify gaps in IT processes and work with stakeholders to implement remediation measures (e.g. work process gaps in Low Code/No Code platforms).
• Assist in reviewing meeting minutes of quarterly division and IT committee meetings.

Job Requirements

• Bachelor's degree in Information Technology, Computer Science or a related field, with at least 8 years' experience in IT governance, audits and risk management.
• Proven experience with ISO27001 compliance efforts; certification experience is highly desirable.
• Strong knowledge and experience with standards and frameworks such as ISO27001:2022, Cybersecurity Trustmark and Personal Data Protection Act (PDPA).
• Strong analytical and problem-solving skills.
• Ability to work independently as well as collaboratively across teams.
• Strong written and verbal communication skills, with the ability to engage stakeholders at all levels.
• Positive attitude, proactive mindset and an excellent team player.

Copyright 2025 Singapore Institute of Technology. All Rights Reserved.
x
Cookie Consent Manager
When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
Required Cookies
These cookies are required to use this website and can't be turned off.
Show More Details
Required Cookies Provider Description Enabled
SAP as service provider
We use the following session cookies, which are all required to enable the website to function:

• "route" is used for session stickiness
• "careerSiteCompanyId" is used to send the request to the correct data centre
• "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor
• "Load balancer cookie" (actual cookie name may vary) prevents a visitor from bouncing from one instance to another

Functional Cookies
These cookies provide a better customer experience on this site, such as by remembering your login details, optimising video performance or providing us with information about how our site is used. You may freely choose to accept or decline these cookies at any time. Note that certain functionalities that these third-parties make available may be impacted if you do not accept these cookies.
Show More Details
Functional Cookies Provider Description Enabled
Vimeo
Vimeo is a video hosting, sharing and services platform focused on the delivery of video. Opting out of Vimeo cookies will disable your ability to watch or interact with Vimeo videos.
YouTube
YouTube is a video-sharing service where users can create their own profile, upload videos, watch, like and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos.

Skills Required