Roles & Responsibilities

NCS is the leading technology services firm that operates across the Asia Pacific region in over 20 countries, providing consulting, digital services, technology solutions, and more.

We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 12,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

We’re searching for a Manager/Associate, Cyber Risk and Compliance to be part of our diverse team of talent here at NCS!

If you believe in going above and beyond, want to exemplify the best, and wish to bring people and technology together like never before, then we would love to have a conversation with you!

What we seek to accomplish together:

• Review and development of security framework, information security policies, processes / procedures, and guidelines on an ongoing basis.
• Establish risk assessment, compliance enforcement activities with these policies / procedures through ongoing security/compliance reviews, not limited to log analysis and security assessment of customer ICT systems.
• Conduct security risk management exercise, conduct table-top exercises, conduct vulnerability assessment, coordinate penetration tests activities, conduct information security awareness training for Line of Business Representatives.
• Support internal projects in the matters of security risk assessment and compliance enforcement work.
• Be the point-of-contact to assist and advise project leads for ICT security related matters.

A little about you:

• Bachelor's Degree in Information Security, Information Assurance, Computer Science and Computer Engineering.
• 4 to 7 years of relevant IT/IT Security experience.
• Possess one (or more) of the security certifications such as CISSP/CISA/CISM/ISMS Lead Auditor Certification.
• Experienced in risk assessment, compliance enforcement security and security governance.
• Good understanding of information security principles, ISO 27001 controls, Center for Internet Security (CIS) controls, Cloud Controls Matrix (CCM) controls and PCI Security Standard are preferred.
• Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), application security, security technologies (system hardening, IDS/IPS, firewall), security incident response, penetration testing, vulnerabilities scanning, and security assessment.
• Internal project focused with good interpersonal skills.
• Team player with leadership qualities.

As Asia’s leading technology services firm, NCS as part of the Singtel Group, aims to create sustainable value for all our stakeholders. We aspire to create the extraordinary, to impact millions of people every day, and to create a positive impact on our environment. Our sustainability strategy sets out the key Environmental, Social and Governance (ESG) areas that aim to create the NCS impact for our clients, our people and our future.

We Grow our People, Value our Clients, and Create our Future.

We want to change the way we live and work for the better, to create new and sustainable business growth, and to foster an inclusive future for all.

You can find out more about our Group’s sustainability focus to guide how you can contribute to our objectives at Sustainability Reports.

About NCS Group

We believe in building a talent-led delivery model to enable our best people to lead, and to support them with the right structure, processes, and tools to ensure that our clients are delivered top quality services. Great work is never done alone, which is why we also believe in fostering a collaborative work environment where people with different expertise and talent can come together.

We’re here to make the extraordinary happen.

Find out more at ncs.co and our LinkedIn career site.

We handle all profiles with the highest level of confidentiality.

Tell employers what skills you have

Leadership
Security Governance
Application Security
Risk Assessment
ICT
Information Security Governance
Enforcement
Information Assurance
Risk Management
ISO 27001
Auditor
Penetration Testing
Compliance
Hardening
Vulnerability Assessment
Security Awareness