Security Compliance Engineer (GRC) - Leading Fintech Firm

We are on the hunt for dedicated technology cybersecurity experts with Governance, Risk, and Compliance (GRC) management skills to be an integral part of our Global Information Security team.

Responsibilities:

• Formulate, oversee, and revise our Business Group's information security guidelines, standards, and processes in collaboration with various business units to safeguard infrastructure, essential business data, and customer information.

• Ensure consistent application of policies across the business group and monitor adherence to the established governance principles to guarantee expected value delivery.

• Build and maintain relationships with Business and Technology stakeholders to comprehend current business group challenges, and establish a GRC framework to manage risk and compliance levels.

• Collaborate with Compliance, Data Privacy, and Legal teams on new project security reviews, including cybersecurity risk evaluation, assessment, treatment, and monitoring to ensure high risks are mitigated to an acceptable level, and assist stakeholders in making well-informed decisions.

• Coordinate with Compliance and various Technology teams on regulator inspection, external audit, security certificate programs, and internal audit projects to ensure compliance with financial regulations.

• Convey and report to senior management, present security risks and recommendations in regional Risk Management Committees (RMC) and board meetings.

Requirements:

• BS/MS in Computer Science / Cybersecurity with 5 or more years of relevant experience in cyber security or information technology risk management in the financial sector.

• Proven experience in security compliance programmes.

• Experience in maintaining information security standards and regulations such as PCI DSS, ISO27001, GDPR, PSD2, SWIFT CSP, and MAS TRM guidelines.

• Exceptional relationship-building and communication skills with the capability to engage people from diverse cultures and different levels.

• Robust stakeholder management abilities, working across the South East Asia business and China teams to leverage knowledge and resources from this network to achieve objectives.

• Solid understanding of cloud computing, networking, OS, and its security aspects.

• Preferably with CISSP, CISA, and CRISC certification.

• Excellent command of both spoken and written English and Mandarin Chinese to communicate with our Mandarin-speaking stakeholders.

If this outstanding opportunity sounds like your next career move, please submit through "Apply Now" or send your resume in Word format to Ben Goh at resume.my@pinpointasia.com and put Security Compliance Engineer (GRC) - Leading Fintech Firm in the subject header.

Data provided is for recruitment purposes only.