Tech Risk Analyst

• Conduct risk assessment on digital solutions and third parties. Identify potential risks and provide options to protect the OT critical infrastructure, ICT Infrastructure, application systems and cloud environment.

• Conduct compliance check on internal controls to ensure compliance with established policies and applicable regulations.

• Assist in developing policies, standards and guidelines to safeguard digital assets in adherence to business needs, industrial best practices and regulatory requirements.

• Provide advisory services to internal departments on business digital initiatives using Security By design / Zero Trust framework to ensure consistency in controls.

• Manage security projects and solution implementation activities that address cybersecurity risks.

• Plan, design and conduct cyber security incident response workshops and exercises (table-top exercises, simulation, and drills)

• Be aware of latest industry standards, regulatory requirements and the potential impacts to cybersecurity policies, standards and procedures.

• Minimum 5 years’ experience in Cybersecurity, Risk and Compliance

• Knowledgeable in security standards or regulations such as NIST, ISO 27001, SOC2, CCOP (SG), PDPA (SG), GDPR(EU), MPLS(CN), Security by Design

• Technical know-how and experience in solutions such as (but not limited to)

• Certifications such as CISA, CISM, CISSP, GICSP, CCSK, CRISC will be an added advantage

• Knowledge in OT solutions and security will be an added advantage

Flintex Consulting