Information Technology - Compliance Officer

Singapore
Permanent
Full-time

1 month ago

Job DescriptionThis position reports to the Chief Compliance Officer in Kris+ and is a functional member of the Group Information Security Team (Infosec) responsible for ensuring compliance readiness with PCI DSS and MAS TRM standards for the SIA group.This role requires creating, maintaining, and executing compliance programs while monitoring business activities to maintain the organization's PCI compliance certification.Key Responsibilities

Understand SIA's business operations and ensure compliance to regulatory IT requirements.
Develop, maintain, and execute an assurance program ensuring full compliance with:
PCI DSS and other card payment certifications
MAS TRM certification
Define scope and review the results of security tests, reviews and audits to ensure PCI DSS and MAS TRM assurance is achieved
Work with respective Businesses to align operations and safeguards for the protection of payment information
Recommend and drive improvements to operations, processes and activities to ensure PCI DSS and MAS TRM compliance for the organisation
Assess and recommend amendments in the Group policy to align PCI DSS and MAS TRM controls
Keep up with new developments in PCI DSS, MAS TRM and other related information security standards (ISO/IEC 27001, NIST CSF 2.0, SOC 2 Type II) and assess the impact of such changes on organization
Keep up to date on emerging security threats and vulnerabilities for SIA Group
Provide security consultancy, technical guidance, expertise, solutioning and education on PCI DSS and MAS TRM compliance matters
Manage individual program priorities, deadlines and deliverables
Support Infosec's efforts in other information security standards compliance like NIST CSF 2.0
Support ongoing initiatives in improving infosec process (business critical assessments and risk management) and supporting systems
Provide advisory and consultancy on Infosec improvements
Any relevant ad-hoc information Security duties

This is an individual contributor role.Requirements

Degree in IT or related fields
Minimum 8 years of experience in information security
Minimum 4 years of experience in PCI DSS and MAS TRM audit or internal compliance
Professional experience as PCI QSA/ISA, MAS TRM, ISO27001 preferred
Related professional certifications in Information Security (CISSP, CISA) and auditing preferred
Good practical understanding of international security standards (ISO27001, NIST, SOC 2 Type II)
Technical proficiency in one or more security areas: network design, cloud, zero trust, Internet of Things, cryptography, AI, etc.
Working knowledge of secure application development techniques
Strong understanding of networking, data security principles, system and application security
Strong oral, written, and interpersonal communication skills with ability to communicate at all levels
Positive attitude with drive, initiative, enthusiasm, and urgency in resolving high-priority issues
Ability to work independently and collaboratively in a team environment

We thank all candidates for your interest in Singapore Airlines, and regret that only shortlisted candidates will be notified.1584

Singapore Airlines

Apply Now