About the company
Headquartered in Singapore, Advance Intelligence Group a Series D-backed Tech Unicorn valued at US$2 billion, and also one of the largest independent technology startups based in Singapore. Founded in 2016, the Group has over 2000+ employees and has presence across South and Southeast Asia, Latin America and Greater China serving 700+ enterprise clients, 150,000+ merchants and 30 million+ consumers. The Group is backed by top tier investors SoftBank Vision Fund 2, Warburg Pincus, Northstar, Vision Plus Capital, Gaorong Capital, Pavilion Capital, GSR Ventures and Singapore-based global investor EDBI. We are also ranked among LinkedIn's Top 15 Startups in Singapore in 2022 - the third year in a row we've been on the list.
Job Summary
Responsibilities
šCoordinates the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with local regulations and standards šProactive identification and mitigation of IT risks as well as responding to observations identified by third party auditors or examiners while assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current IT risk posture šConducted audits and facilitate management response and remediation efforts. Ensure overall IT compliance with regulatory and standard requirements through proactive planning and communication, ownership, and relationships šBroaden and deepen knowledge of the business and environment of IT with respect to the delivery of projects, strategic initiatives, and systems, portfolios to effectively assist IT staff with risk and compliance management šReceives allegations of security incidents and conducts complex investigations; prepares written findings, recommendations and follow up evaluation; and analyses patterns and trends šImplement and maintain security control tools šPerform a vulnerability test on the local environment (using tools) šConduct counteractive protocols and report incidents. They offer customized risk ratings for vulnerabilities based on company policies and maintain IT security controls documentation šDevelop custom systems for specialized security features and procedures for software systems, networks, data centers, and hardware (working closely with Senior IT Infrastructure)
Requirements
š5+ years of experience in the IT Security area šBachelor's degree in computer science, information technology, or a related field šKnowledge of IT processes and controls and strong understanding of risk and control frameworks such as (Cob IT, ISO, NIST, ITIL) šGeneral knowledge of information security regulatory requirements and standards such as ISO 27001/2, SANS top 20 and NIST 800-53 šExperience in risk, compliance, and information security policy development šExperience in Cyber Security area SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) šExperience in handling OJK Audit Process
