MAIN PURPOSE AND SCOPE OF THE JOB
The Compliance Manager is responsible for the auditing & monitoring of Health & Safety, Environmental, Business Continuity Management, Social and Governance (ESG), Quality and Information Security & Data Protection identifying and mitigating the major risks for the company/business and ensuring compliance against business ISO standards, Legal, regulatory, contractual requirements.
MAIN DUTIES & RESPONSIBILITIES
- The registered data protection officer for SPS Singapore
- Responsible for developing & maintaining APAC country specific compliance policy and process documents, training materials, providing help and guidance and awareness to APAC based SPS employees.
- Ensuring that all data protection/security/ HSE issues from audits or risks raised are recorded, with ownership, and tracking remediation tasks to closure/mitigation/acceptance of risks.
- Management of the annual risk assessment program covering information security, data protection, health & safety, environment, and social governance
- Initiate yearly compliance activities, eg. BCP exercise, call tree test, updating of various operations / compliance documentations, vendor due diligence exercise
- Creation and maintenance of the Legal Risk Register (APAC)
- Annual site audits and management of any remediation plans (H&S/Fire/Infosec/Data Protection/ESG)
- Gathering of carbon emission data in support of global ESG reporting requirements
- Attendance at the monthly country and compliance circle meetings
- Responding to client information security assessments. Full completion and response to all Client questionnaires, including existing clients and new business opportunities.
- Incident investigation and reporting pertaining to data and HSE
- Development of the Quality Management System in support of attaining certification to ISO9001
- Administrative tasks including but not limited to: Client sales bid compliance assistance, contract reviews (Data protection terms), uploading documents to client portals
- Reviewing, updating and development of compliance policies and procedures
COMPETENCY REQUIREMENTS
- Graduate in a relevant discipline
- Preferably a minimum of 2 years experience in a similar role and size organization
- Ability to be security cleared to relevant government standards in Singapore
- Preferably background in information security controls (ISO Lead Auditor/Lead Implementation certifications)
- Good organizational skills, analytical, methodical with good decision-making skills.
- Good written and interpersonal skills with the ability to communicate with business stakeholders at all levels.
- Must be able to work well under pressure- in a team and alone.
- Ability to adapt and adjust rapidly changing priorities whilst maintaining efficiency.
- Self-motivated individual with flexible approach to working.
- Desire to build own Information Security Knowledge with a special focus on data protection law and Health and Safety regulations
- Fluency in English and Mandarin mandatory. Knowledge of Cantonese desirable.
- Able to travel to China, Hong Kong, Vietnam and Japan as required.
SKILL REQUIREMENTS
- Data Protection Practitioner (Singapore), Compliance experience in data protection
- IT Literate (Microsoft Office)
- Data Protection Law (includes incident management & reporting)
- Operational experience in information technology
- Trend / Statistical Analysis
- Presentation Skills
