IT Compliance & Governance Specialist – Marina Bay HarborFront – Singapore

IT Compliance & Governance Specialist
Job no: 494441
Work type: Full-Time
Location: HarborFront Office
Categories: Information Technology
JOB SCOPE
Summary of Job Responsibilities
At Marina Bay Sands, the IT Compliance & Governance Specialist is responsible
for supporting the IT Compliance Lead & Senior Specialist in managing IT
compliance activities covering Governance, Risk and Compliance related
programmes within Information Services.
Job Responsibilities

Develop, refine and implement information security policies, standards, procedures, checklists, and guidelines to meet the compliance and regulatory requirements

Review and update policies on a yearly / quarterly basis
Coordinate and support IT compliance activities across technology and business projects
Develop and manage IT risk and security for multiple IT functional areas (e.g., applications, systems, network) across the organization.
Execution of procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices
Lead and execute formal risk analysis and compliance self-assessments for various IT systems and processes and ensure assessments are completed on time
Analyze delivery and operation processes and requirements to determine conformance to security policies and procedures.
Identify tasks and controls necessary to remediate identified risks and vulnerabilities; negotiate dates for remediation to be completed
Support and track technology delivery and operation teams on remediation of new and outstanding issues
Identify, document, and assess information security vulnerabilities and risks in the information technology environment and identify systems affected
Inform stakeholders about compliance and security-related issues and activities affecting the assigned area or project
Support all IT aspects of external / internal reviews and audits (e.g., SOX, PCI)
Work with the delivery team in the preparation of incident reporting
Work with Audit to ensure proper risk management and audit compliance
Develop and deliver IT risk & security awareness and compliance training programs
Provide risk and security briefings to advise on critical issues that may affect the business
Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks

Job Requirements

At least 4 – 5 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration
Ability to work well with key business partners across sectors and internal IT teams in a collaborative manner
Strong communications skills to be able to interact with technical and non-technical colleagues
Strong interest in IT risk management and in keeping abreast of the dynamic threat landscape
Maintains an up-to-date understanding of industry best practices.
Working knowledge of security issues, techniques and implications across computer platforms.
Familiarity in one or more of the following areas: application security, OS system security, database security, networking, mobile device security, cloud technologies, payment card, and web technologies
Working knowledge of SDLC, Change Control, and SQA methodologies, techniques, and general principles
Working knowledge in performing risk assessments
Knowledge in the following standards / regulatory directives: ISO 27001, SOC1, SOC2, PCI DSS, Sarbanes-Oxley, PDPA, OWASP
Knowledge and experience in mapping 3rd party vendor procedures against SOX controls
ASQ Certified Quality Auditor (CQA) or Certified Software Quality Engineer (CSQE) desirable

IT Compliance & Governance Manager – Marina Bay HarborFront – Singapore

IT Compliance & Governance Manager
Job no: 494621
Work type: Full-Time
Location: HarborFront Office
Categories: Information Technology
JOB RESPONSIBILITIES
Manage, support and advise on IT compliance for technology and business projects
Manage and support subject access requests – Internal and external
Manage and support all IT aspects of SOX external / internal reviews and audits
Oversee and lead execution of procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practice
Lead execution of formal risk analysis and self-assessments program for various Information Services systems and processes
Manage, support and advise IT Delivery and Operation teams on remediation of new and outstanding issues

Lead the IT compliance program covering Sarbanes-Oxley (SOX), Payment Card Industry (PCI) and Service Organization Controls (SOC), Casino Regulatory Authority controls and internal Guiding Principles and Standard Operating Procedures

Identify and map changes required to policies on a yearly / quarterly basis

Lead execution of compliance assessments (self-assessment, etc.) and ensure assessments are completed on time
Provide guidance to IT Delivery in new system development and implementations to ensure that development effort(s) follow appropriate guidelines and regulatory controls
Liaise with IT Delivery on Technical Incident Reports (TIR), ensuring approvals are provided before submitting the TIR to the Casino Regulatory Authority

JOB REQUIREMENTS

At least 6 – 8 years of proven industry experience in designing and implementing Business Process Improvement
ASQ Certified Quality Auditor (CQA) or Certified Software Quality Engineer (CSQE) desirable
Familiar with SOC1, SOC2 reporting standards
Familiar with PCI DSS standards
Knowledge and experience of SDLC, Change Control, and SQA methodologies, techniques, and general principles
Knowledge of regulatory directives (e.g. Sarbanes-Oxley) as they relate to the controls required from systems and IT processes
Ability to work well with key business partners across sectors and internal IT teams in a collaborative manner
Knowledge of risk assessment design and delivery
Experience in providing guidance on IT controls and security requirements for technology and business partner initiatives, ensuring that systems provide adequate protections to meet areas of legal/regulatory compliance and IT security for the integrated resort/gaming industry
Knowledge in continuous improvement in IT governance, risk, compliance and security practices based on expert knowledge in domain areas, industry best practices, business objectives and risk tolerances
Strong knowledge in defining the segregation of duties matrix for the IT department