Cyber Governance, Risk & Compliance (GRC) Consultant

Responsibilities:

• Guide the end users on Governance, Risk and Compliance aspects of Security Management.
• Work with various team in Temasek in fulfilling security requirements to establish compliance and document risks
• Participate in Project activities and guide Project teams to remediate new and outstanding issues; track security-related issues.
• Support Auditors and Audits in providing relevant details necessary to show Compliance statuses
• Participate in overall security governance programs and provide quality of service to ensure system has attained highest security standards
• Knowledge on CIS security standards and guidelines in guiding the team for establishing compliance.
• Participate in design activities and provide various solutions to ensure security is not compromised at various phases of the program lifecycle
• Recommend and provide templates where possible for end users to assist in minimizing the security risks
• Have good knowledge and understanding of the attack vectors, provide solutions during design phase to the programs on minimizing them with appropriate security controls necessary.
• Train other staff and external clients as necessary
• Hands on experience in GRC implementation.
• Directly responsible for procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices.
• Establish and oversee formal risk analysis and self-assessments program for various Information Services systems and processes.
• Help ensure compliance with Banking Regularity compliance (BFSI), HIPAA, PCI and the NC Identity Theft law. 
• Establish and oversee a formal vulnerability and testing program.
• Management to remediate new and outstanding issues; track security-related issues
• Maintain expertise on security trends through training, research and development in order to mitigate potential security exposures.
• Manage, coach, lead and develop a small/mid staff of GRC personnel

Requirements:

• Candidate should have bachelor’s degree in computer engineering.
• 5-8+ years of relevant experience in Cyber Security.
• Good communication skills.