Cybersecurity GRC Specialist - #1125224

Responsibilities:

• Develop and enforce cybersecurity policies and drive security awareness across the organisation.

• Assess cyber risks across IT, OT, supply chain, and third-party environments; manage risk registers and remediation.

• Lead compliance and audit activities (PDPA, Cybersecurity Act, MAS TRM, ISO 27001, NIST) and maintain documentation.

• Oversee vulnerability assessments, penetration testing, and security operations performance.

• Support incident response planning, governance reviews, and management reporting.

Requirements:

• Strong analytical, communication, and problem-solving skills.

• Ability to explain technical concepts clearly and work with diverse stakeholders.

• Detail-oriented, proactive, and comfortable managing multiple priorities.

• Knowledge of cybersecurity fundamentals and best practices.

• Proficiency in Microsoft Office and Power Platform.

• A team-oriented mindset with the capability to work independently.

• Degree in Cybersecurity, Information Security or equivalent

• Preferably certified in CISM, CISSP, CRISC, ISO 27001, or equivalent.

• 5–8 years of cybersecurity experience, with at least 2–3 years in GRC roles.