Governance, Risk & Compliance (GRC) Specialist - 1 Year Contract

Information Technology

$4200 - $8500 monthly

Job Description

Job Summary:

The Governance, Risk, and Compliance (GRC) Specialist will manage the organization’s risk, compliance, and governance frameworks, focusing on data protection, cybersecurity, and finance-related regulatory compliance. The role involves ensuring adherence to ISO 27001, PDPA, GDPR, PCI-DSS, and financial regulations such as MAS and SEC requirements. The GRC Specialist will collaborate with technical teams to secure cloud environments (AWS/GCP) and ensure compliance with fintech industry standards.

Key Responsibilities:

Governance:

  • Develop and maintain governance frameworks, policies, and procedures that align with ISO 27001, PDPA, GDPR, MAS, SEC, PCI-DSS, and other relevant regulations.
  • Ensure governance policies address data security, privacy, and regulatory requirements for the financial sector.
  • Conduct periodic reviews of governance policies to reflect new regulatory changes and emerging security threats.

Risk Management:

  • Conduct risk assessments related to data privacy, cloud infrastructure (AWS/GCP), cybersecurity, and financial compliance (MAS, SEC).
  • Work with technical and legal teams to mitigate identified risks and ensure compliance with financial regulations.
  • Maintain a risk register and provide regular reports on risk exposure, particularly related to finance-related compliance.

Compliance:

  • Ensure compliance with financial regulations such as Monetary Authority of Singapore (MAS), Securities and Exchange Commission (SEC), AML, PDPA, GDPR, and PCI-DSS.
  • Support internal and external audits related to ISO 27001 certification, financial regulatory compliance, and data security standards.
  • Monitor data flows to ensure proper encryption, access controls, and compliance with financial industry regulations.

Data and Cloud Security:

  • Collaborate with data and cybersecurity teams to secure AWS and GCP environments using best practices, including identity and access management (IAM), encryption, and monitoring.
  • Ensure that data handling practices comply with financial regulations and ISO 27001/GDPR/PDPA standards.
  • Implement and monitor encryption and access control measures to protect sensitive financial data.

Incident Response:

  • Assist in developing incident response plans to manage breaches and cybersecurity threats, particularly in compliance with financial industry regulations.
  • Investigate and respond to security incidents, ensuring the organization remains compliant with reporting requirements under MAS, SEC, and other regulatory bodies.
  • Prepare post-incident reports, outlining actions taken and any improvements to be made to prevent future incidents.

Training and Awareness:

  • Develop and deliver training to ensure staff understand governance, risk, and compliance policies, including finance-related regulations.
  • Promote compliance with MAS, SEC, and other financial regulations through ongoing awareness programs and updates.

Qualifications:

  • Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Data Management, Risk Management, or a related field (Master’s degree preferred).
  • 3-5 years of experience in governance, risk, compliance, or cybersecurity roles, preferably in fintech or other highly regulated industries.
  • Relevant knowledge of ISO 27001, PDPA, GDPR, MAS, SEC, AML, PCI-DSS, and cloud security (AWS/GCP).
  • Experience with data protection, encryption, and secure data storage techniques.
  • Familiarity with risk management frameworks and vulnerability assessment tools.

Personal Attributes:

  • Strong attention to detail with excellent problem-solving skills.
  • Excellent communication skills to work effectively with technical, legal, and regulatory teams.
  • Proactive approach to identifying and mitigating risks related to financial compliance and security.

1 Harbourfront Avenue, Keppel Bay Tower, 098632