Manager (Compliance)

Job Responsibilities:

• Establish and maintain Certificate Policy (CP) and Certification Practice Statement (CPS).
• Oversee and ensure CA/CR implementation and processes compliance with the CP, CPS and IMDA's regulations/requirements.
• Oversee segregation of duties between operations manager, PKI Manager and vendor(s).
• Conduct periodic reviews of PKI operations, access logs and change management.
• Establish and maintain the plans and processes for incident management, BCP/DR and risk assessments.
• Conduct periodic simulation exercise of the established incident response plan, BCP and DRP.
• Manage external and internal audits.
• Provide compliance reports to ITSC, management, regulators and auditors as required.
• Ensure all CA personnel, including vendor staff, have signed confidentiality and security agreements.

Job Requirements:

• Background in Computer Science, Information Systems, Information Technology, or related.
• Minimum 5 years of combined experience in PKI operations and compliance/audit.
• Hands-on experience with X.509 certificates, AWS Private CA, OCSP/CRL would be advantageous to the candidate.
• Strong knowledge of PKI compliance frameworks and/or regulations (e.g. Electronic Transactions Act 2010) would be advantageous to the candidate.
• Certifications such as CISA, CISM or CISSP would be advantageous to the candidate.
• Excellent technical writing (policies, audit evidence, compliance reports).