Perform Information Security Risk Assessments on business applications throughout development lifecycle for SDLC/Agile/Iterative Lifecycle.
Report Information Security issues/gaps with appropriate recommendations to mitigate and/or remediate the risk as well as assist IT with corrective action plans. Provide subject matter expertise in application development lifecycle to assess security requirements, controls and ensure that security controls are implemented and planned
Promote awareness of information security policies, standards and best practices
Also as a program manager, manage information security assessments operational KPI/KRIs
Drive improvement to Information Security process, standards and policies
Interface with Risk, Internal Audit, external Audit, Regulator and/or provide timely support during audits.
Establish and maintain relationships with domain architects, project managers and IT SMEs.
Demonstrate good understanding of Singapore regulatory framework and local laws on information security, technology risk, data protection. In addition, solid understanding of ISO 27001, NIST CSF, MITRE etc.
Perform independent assessments of the technical security controls implemented within the system to determine the overall effectiveness of the controls.
Beware of fraud agents! do not pay money to get a job
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.