Information Security GRC Specialist for a Financial Institution (5-10 Years)
Job Posting by Sheralynn Tjioe, Associate Director (Cyber Security and GRC) Recruitment at Charterhouse Asia
**********@charterhouse.com.sg
The Information Security GRC Specialist is responsible for overseeing Information Security compliance assessments across the organisation's technology infrastructure. This role ensures that critical security controls are implemented effectively, aligned with industry standards and internal policies, to safeguard the organisation's assets and reduce security risks.
*Must be a specialist in Information Security
RESPONSIBILITIES:
- Evaluate Security Processes: Conduct in-depth assessments of essential Information Security processes, including Patch Management and Open-Source Vulnerability Management, across technology systems. Ensure that necessary security controls are in place to effectively mitigate risks.
- Collaborate Across Teams: Partner with IT, operations, and security teams to identify, prioritize, and resolve vulnerabilities within production environments. Act as a liaison between technical and non-technical teams, ensuring security issues are addressed promptly and clearly communicated.
- Monitor Vulnerability Resolution: Track the progress of vulnerability remediation efforts, ensuring timely resolution according to deadlines. Conduct follow-up checks to verify that corrective actions are successfully implemented and all risks are mitigated.
- Reporting & Communication: Provide regular updates and detailed reports to risk management committees, highlighting outstanding vulnerabilities, their potential impact, and the status of remediation efforts. Keep senior leadership informed about critical security gaps.
- Risk Monitoring & Control: Track and report on Key Risk Indicators (KRIs) to assess the organisation's exposure to security risks. Conduct Risk Control Self-Assessments (RCSAs) to ensure existing controls are effective and mitigate risks.
- Support Security Initiatives: Contribute to various security-related projects, including audits, process improvements, policy updates, and compliance efforts, to continually enhance the organisation's overall security posture.
REQUIREMENTS:
- Educational Background: Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, or a related field.
- Experience: Minimum of 5 years in managing internal controls within an IT security environment, with a strong focus on compliance and security best practices.
- Regulatory Knowledge: Strong understanding of local regulatory requirements and cybersecurity frameworks, such as MAS TRMG Guidelines and Cyber Security Hygiene standards.
- Certifications: IT security or related certifications (e.g., CISSP, CCNA, CEH) are highly desirable.
- Cybersecurity Awareness: Excellent awareness of current trends and developments in the cybersecurity field, with a proactive approach to staying informed on emerging threats and solutions.
- Collaboration Skills: Strong teamwork and communication skills, with the ability to manage detailed work and remain calm under pressure.
- Self-Starter: Highly self-motivated with the ability to manage multiple tasks, meet deadlines, and work independently in a fast-paced environment.
Please contact Sheralynn Tjioe at **********@charterhouse.com.sg for a confidential discussion.
EA License no: 16S8066 | Reg no.: R1878306
Only successful candidates will be notified.
Information :
- Company : Charterhouse
- Position : Information Security GRC Specialist for a Financial Institution (5-10 Years)
- Location : Singapore
- Country : SG
Post Date : 2025-06-13 | Expired Date : 2025-07-13