Job Description
Role Summary: We're looking for a technically strong Compliance professional to lead and mature our cybersecurity governance, risk, and compliance program. You will own the end-to-end lifecycle for ISO 27001 and SOC 2, drive control design and testing across cloud and onprem environments, and partner with engineering to embed security-by-design. Experience with Singapore frameworks such as the Cyber Trust Mark, Data Protection Trustmark (DPTM), and ISO 42001 (AI Management System) is a strong advantage. Key Responsibilities: ISO 27001 (ISMS) Define and maintain ISMS scope, risk methodology, Statement of Applicability, and control baseline. Lead risk assessments, treatment plans, and ongoing control performance monitoring. Establish policy framework (security, access control, asset, cryptography, operations, supplier, incident, business continuity). Plan and execute internal audits coordinate external certification audits and surveillance audits. Drive corrective and preventive actions ...