IT Policy & Compliance Specialist   (Vacancy Closed)

Job Summary

  • Execute the certification (e.g. ISO27001) and compliance roadmap, working with cross-functional teams and external & internal auditors.

  • Accurately interpret, map, and communicate information systems compliance regulations and requirements within the organization, leveraging best practices.

  • Provide the organization with recommendations to improve compliance with policies, standards and external requirements, and continually analyse opportunities for process optimization.

  • Support leadership teams to develop and expand continuous monitoring processes to assess compliance with information security policies and standards, legal and regulatory compliance.

Job Descriptions

  • Develop information technology security policies, standards, etc. based on regulatory/external requirements and leading practices, and update the organization's information technology security policies accordingly.

  • Monitor open audit items from internal audits and external compliance/certification audits to ensure completion of remediation activities defined in the agreed action plans and risk treatment plans.

  • Conduct internal compliance and risk assessment audits of systems and vendors at planned intervals and on an ad hoc basis to evaluate and validate the design and operational effectiveness of policies, standards, and the internal control framework to help reduce risk in the organization.

  • Organize and efficiently manage internal audits, internal/external compliance, and certification audits for the organization.

  • Provide security policy and cybersecurity awareness to staff and vendors.

  • Monitor noncompliance with data loss prevention and firewall policies, and take necessary action to improve processes/reduce risk for the organization.

Job Requirements

  • Degree in Computer Science / Information Systems / Information Technology or equivalent.

  • Minimum 7 years of experience working in an information security, information technology or information risk management related field, with a thorough understanding of industry standards and regulations including ISO 27001 and RMIT.

  • Possess an IT Risk/Compliance certification, e.g. ISO27001, COBIT.

  • Demonstrated experience in managing compliance programs for a financial services organization or organizations with similar information security needs and requirements.

  • Familiarity and understanding of a broad range of IT technical controls, hardware and software products, cloud computing, or hosting services.

  • Demonstrated ability to multi-task, respond to needs quickly and efficiently and prioritize work with a strong attention to detail.

  • Ability to work well under pressure and respond to tight deadlines while exercising sound judgment; a self-starter who possesses the qualities to work efficiently, effectively, and autonomously with minimum supervision.