Senior Manager/ Vendor Security Governance

Location:
Job Type: Permanent
Posted: over 5 years ago
Contact: May Anne Ramos
Discipline:
Reference: 187002_1545960672

Senior Manager/ Vendor Security Governance

  • Permanent position
  • Competitive salary and benefits package
  • Work with cutting edge technologies

Our Client

A leading communication and services company.

The Opportunity

The position will be part of the Information Security team within Group Information Technology.

RESPONSIBILITIES:

Risk Advisory Engagement

  • Responsible to establish, communicate and maintain TPSP Cybersecurity Risk Governance Framework.
  • Ensure that Cybersecurity requirements are practical and communicated to all relevant parties.
  • Coordinate and schedule assessment review work to ensure all-important TPSP reviews are conducted annually.
  • Ensure identified cybersecurity risks are registered and tracked.
  • Communicate identified cybersecurity risks to stakeholders and provide the required risk advisory to assist the stakeholders to make the appropriate decision to address the identified risks.
  • Ensure stakeholders adhere to the TPSP Cybersecurity Risk Management Framework.
  • Work with Group Legal, Risk and Procurement to ensure that TPSP Cybersecurity Risk Management Framework remains relevant to each Business Units.

Administrative Support

  • Work with Business Units and Procurement to maintain an accurate inventory of TPSP.
  • Ensure all Business Units stakeholders understand and comply with the TPSP cybersecurity risk governance framework through awareness campaigns.
  • Provide regular updates on state of compliance and risk tracking.

Customer Experience

  • Demonstrate professional, pro-active qualities in dealing with internal clients and stakeholders.
  • Attend required meetings on information security governance, risk, and compliance topics.

Process and Procedure

  • Assist in the development, implementation and maintenance of TPSP policies, standards, and operating procedures as required.
  • Escalate issues arising from policy non-compliance to the reporting manager.
  • Implement and maintain metrics to ensure that the performance and compliance to Singtel Group security requirements are measured and reporting requirements are met.

Continuous Improvement

  • Maintain strategic vendor partnerships, relevant education and certification.
  • Complete relevant security education and training as required.
  • Keep abreast of relevant technology to improve service delivery.
  • Identify areas of improvement in delivering services.
  • Keep all role related technical documentation current.
  • Create or improve technical documentation where it is lacking.

Communication and Teamwork

  • Work with all stakeholders to meet security requirements.
  • Promote knowledge sharing, effective communication and teamwork with peers.

Your Background

Qualifications/Experience Should Include:

  • Bachelor's Degree in computer science, Computer Engineering, Electrical Engineering or other relevant field of study
  • Minimum 2 years of practical experience in vendor security management.
  • Minimum 6 to 10 years of experience as an Information Security Professional
  • Experience working as part of an internal Audit, Governance and Compliance team.
  • Advanced understanding in the following areas: Platform Security, Data Security, Network Security, Physical Security, Security Assessment Tools, Security Monitoring Tools.
  • Advanced understanding in the following areas: Security Governance Standards, Business Continuity Planning, Enterprise Risk Management, Computer Security Incident Response, and Security Compliance Audits.
  • Good analytical and communication skills.
  • Ability to work as a team member and independently with minimal supervision.
  • Have exposure to other compliance audits such as PCI-DSS, SSSAE, ISO27K, SOX, and other information security framework

Interested candidates can send their resume to mayanne.ramos@peoplebank.asia or apply online.