Job Description:
Compliance, Governance & Audit
- Lead the annual PCI DSS audit, ensuring timely remediation of non-conformities and maintenance of required controls.
- Coordinate and execute annual ITGC audits, collaborating with internal and external auditors.
- Continuously implement MAS TRM controls, staying current with regulatory updates and ensuring cross-departmental compliance.
- Conduct and document yearly Business Continuity Plan (BCP) testing including tabletop and DR exercises.
- Lead the development and maintenance of all key IT security and compliance documentation including Policies and Procedures.
Infrastructure Operations & Security Monitoring
- Oversee the operation and security of IT infrastructure across on-premise (DC) and cloud environments.
- Manage vulnerability scanning tools including Nessus and Approved Scanning Vendor (ASV) scans to detect and address risks proactively.
- Monitor security dashboards, system logs, and SIEM tools to detect anomalies, threats, or policy violations.
- Maintain and update IT asset inventory with data classification and lifecycle tracking.
- Respond to and investigate IT incidents, ensuring documentation, root cause analysis, and lessons learned are captured.
- Draft and refine Incident Response Plans to support regulatory preparedness and team readiness.
Project Leadership & IT Change Management
- Lead and execute technology infrastructure migration projects, ensuring minimal downtime and regulatory alignment.
- Manage vendor relationships and third-party risk assessments for key service providers (e.g., LGA, TNS, EMnify).
- Participate in change management to ensure that all changes are reviewed for impact, rollback plans, and compliance alignment.
Training, Awareness & Threat Intelligence
- Plan and conduct annual security awareness training for staff to promote a culture of security and compliance.
- Regularly monitor threat intelligence sources and cybersecurity news to ensure proactive defense against emerging risks.
- Coordinate with external consultants or industry groups for benchmarking and compliance validation.
Other Support
- Assist in QA tasks related to internal tools or applications, particularly where functionality intersects with security controls, audit requirements, or regulatory testing scenarios (e.g., BCP, DR, access control verification).
- Continue supporting application testing by developing and executing test cases for internal systems, focusing on security-related or compliance-impacting features.
Requirements
- IT-related degree
- Minimum 3 years relevant working experience
- Responsible for the planning, development and creation of test scenarios and test cases for application software
- Execute planned test scripts and record the results and output. Any issues raised are to be properly recorded, tracked and resolved
- Improve and oversee IT change management, compliance, audit, security monitoring, infrastructure operations, etc.
- Assist with various other duties related to the project
- Good communication skills, both written and spoken, in English
- Compensation depends on experience