IT Consultant - IT Governance
Job no: 496722
Department: Communications and InformationTechnology
Contract type: Contract, Permanent
Reporting to the Lead IT Consultant (IT Governance) and supporting the Communications & Information Technology Division in all SIT’s IT Governance, Risk & Compliance (GRC), IT Disaster Recovery and Business Continuity and new Data Governance initiatives. The duties of the successful incumbent includes the following:
- Work on standards and framework, and to drive the implementation and organizational awareness to support IT Governance, Risk & Compliance (GRC) objectives
- Support initiatives to assess the adequacy and effectiveness of IT controls and policies, and direct remediation activities to ensure that compliance gaps are successfully addressed
- Manage and ensure IT policies and procedures up to date across the organization, working with the appropriate stakeholders
- Jointly monitor, track and review with Cyber Security team and other IT teams on all risk findings and assessments of IT initiatives.
- Develop, maintain, review and report on the IT Risk Register. Schedule and participate in periodic risk self-assessments and track remediation action plans.
- Front auditors, both internal and external, for audits directed at the IT Division or at business divisions where IT involvement is required.
- Detailed reporting on security risk issues and treatment plans to SIT management or statutory reporting to MOE
- Work on new policies and standards for new Data Governance initiatives covering data security classification, handling, storage, retention and disposal
- Drive continuous improvement based on expert knowledge in domain areas, industry best practices, established market standards and certifications, and business objectives
- Bachelor’s degree in information Technology or Computer Science or related fields, with minimum 4 years’ experience in IT governance, audits and risk management
- Experience in ISO27001 compliance efforts and certification experience is highly desirable
- Good knowledge and experience with standards and frameworks like NIST, ISO27001, MTCS, and Personal Data Protection Act (PDPA) is essential; familiarity with Government IM and PCI-DSS
- Industry certifications like ITIL, COBIT, PMP, DRM/BCM, CISSP/CISA/CISM are desirable
- Possess excellent written and oral communication skills with the ability to present ideas and results to all levels of staff, including C-Level and Board executives
- Good analytical and problem-solving skills
- Have a positive attitude and excellent team player
Advertised: Singapore Standard Time
Back to Jobs Refer a friend