We fuel the ideas and ambitions of our people with an environment built on Our DNA of Love, Entrepreneurship, Agility, and Passion LEAP
We are a culture that empowers everyone to innovate and create solutions that will leave a positive impact on our communities and our nation, Touch n Go will always be here to inspire our talents to grow as leaders and innovators giving you the power to make a difference.
Job Description:
- Governance: Support the Information Risk Management program and technology related TNGD ERM programs and reporting, e.g. Key Risk Indicators (KRI), Risk Control Self-Assessment (RCSA), Management Self-Identified Issue (MSII), Incident / Loss Event Data (LED), etc
- Program management: Supporting the implementation of programs or projects that mitigate information security risks, with particular focus on data protection goals.
- Staying and keeping informed: Keeping abreast of emerging security threats, and provide regular reports to the management on the status of the organization's data protection activities.
- Education and awareness: Driving the awareness among staff members, both new joiner and refresher for existing staff.
- Security by design: Advising on planning, purchasing, and rolling out solutions to address data security and privacy risks, and making sure IT and network infrastructure is designed with best security practices in mind.
- Security risk assessment/review: Performing security risk assessment on critical third party service providers and cloud service provider, with gaps addressed and tracked to closure.
- Security audit: Support audit on information security topics by regulators (BNM, SC, PCI, etc) or partners
- Others: Work on projects and ad-hoc tasks as required.
Job Requirements:
- Bachelor Degree in Computer Science, Engineering, Information Systems or IT security related field.
- At least 6-7 years of work experience in IT security
- Minimum 5 years experience in hands-on technical security assessment and IS due diligence
- Professional information security certifications, e.g.: Security+, CEH, ECSA, CRISC, CISA, CISM, CISSP would be an advantage.
- Familiarity with data privacy and protection frameworks (e.g. PDPA, GDPR) would be a strong advantage.
- Ability to work independently, good interpersonal and communication (oral and written) skills with the ability to influence at all levels of the organization.
- Good business acumen with critical thinking and analytical / problem solving skill.
- A demonstrated knowledge and ability to map and align internal security controls to regulatory requirements, (e.g. BNM RMiT, SC TRM), data protection frameworks (e.g. PDPA, GDPR), information security standards (e.g., NIST, ISO-27001) and other relevant guidelines.
Our Perks & Benefits:
- Hybrid, Flexi hours and home workplace subsidy.
- eWallet allowance.
- Unlimited office pantry fruits, snacks and drinks.
- Mobile and broadband subscription reimbursement.
- Flexibility to opt dependants coverage (spouse, child, parents or parents-in-law) for outpatient medical benefits.
- Additional leave including family leave and paid care leave to care for family members.
- Medical coverage including dental, optometrist, mental care, maternity, registered Traditional Chinese Medicine (TCM) and Chiropractic.
- Corporate membership discount and many more to explore.
We believe that you have what it takes to fit into the Touch n Go family and help revolutionize the Fintech industry by paving the way to a cashless society. If you're ready to take the next step, apply now!
Touch n Go is an organization that strives to provide Equal Opportunity Employment, based on merit, qualifications, capabilities, and calibre. It is Touch n Go's policy to not discriminate based on age, race, religion, colour or other personal status, identity or characteristics. Fair Opportunity is Our Value and Practice. Please advise us of any accommodations you may need by e-mailing: [Confidential Information]
Note: Only shortlisted candidates will be contacted.
