Listing Description
Reporting To
Director, Security
In Brief
EVYD is building a future where everyone can access better health. As a Manager of Security Compliance in our Technology department, you will ensure the company’s platform, products, and services meet security policies and regulations.
Key Deliverables
- Prepare gap analysis reports on security and privacy policies and regulations and suggest appropriate actions to cover.
- Prepare data protection advice documents for EVYD Cloud platform, products, and services.
- Oversee the creation and maintenance of compliance strategy plans for EVYD Cloud for geographies we have business in.
Responsibilities
- Research, analyze, and apply global security and privacy policies and related regulations, laws, and standards and provide gap analysis.
- Implement required controls to address compliance risk.
- Provide data protection advice, Information Security, and Privacy issues for EVYD Cloud platform, products, and services.
- Design and oversee the compliance strategy for EVYD Cloud for geographies we have business in, including the United States and APAC. Support and collaborate with needs in other regions.
- Stay aware of trends of global trends for tech compliance market regulation, law, and industry standards.
- Understand new product features and advice on compliance risks.
- Manage internal and external audit projects.
- Assist business teams to support Customer audit/compliance requests.
Requirements
- Minimum of 8 years of experience in information technology and security governance, with a minimum of 5 years of experience in security and privacy. Experience in ICT or internet service industry is a plus.
- Bachelor's degree minimum, preferably IT-related and at a post-graduate level.
- Possessing a professional certification in information security and privacy will be an advantage.
- Proven knowledge of risk and information security management standards, frameworks, and methodologies, such as HIPAA, SOC, PCI-DSS, ISO series, and CSA.
- Proven and strong capability to communicate information security and risk-related concepts effectively to the business at all levels.
- Ability to act with integrity and maintain an ethical mindset.
- Good written and spoken English is essential. Ability to speak good Mandarin to liaise with stakeholders will be an advantage.
- Enjoys working in a fast-paced environment and performs well under pressure and strict timelines.
- Based in Singapore and willing to travel up to 30% of the year.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided