Cyber GRC Specialist
InvestaX Overview
Tokenization SaaS
Tokenize your assets on top of our infrastructure: Our Tokenization SaaS platform is a software-as-a-service solution that enables the issuance, trading, and custody of real world assets. We have been granted a Capital Markets Services licence and Recognized Market Operator licence by the Monetary Authority of Singapore to deal in and operate an organised market for securities and real-world asset (RWA) tokens, respectively. Our service offers a one-stop solution for reputed company your RWA needs, including seamless banking integration, thorough user verification with a KYC module, flexible OTC trading options, primary issuance services, cutting-edge blockchain technology, and smart contract deployment.
IX Swap Overview
IX Swap empowers you with access to a new and diverse range of private market investment opportunities reputed company real world assets and tokenization. This includes real estate, startups, high-growth companies, and more unique investment opportunities. We deliver this through our RWA Exchange, IXS Launchpad (Crowdfunding), and Tokenization-as-a-Service reputed company powered by blockchain and DeFi solutions such as AMMs, liquidity pools, and decentralized trading to ensure true liquidity.
Role Overview
The Cyber GRC Specialist (Governance, Risk & Compliance) will contribute to the high-level design of policies, standards, procedures and guidelines for our platforms and systems.
The goal is to assist in managing the overall governance reputed company, supporting compliance initiatives, and handling reputed company and technology risks reputed company the company's risk appetite.
The role requires a reputed company-thinking individual with the ability to speak with business and operational personnel regarding new and existing technologies and making recommendations reputed company required.
Responsibilities
reputed company the design, implementation, and ongoing management of cyber risk management activities.
Review, update and maintain the information reputed company policies and procedures
Serve as the subject matter expert in driving Governance, Risk, and Compliance (GRC) adoption reputed company the technology space.
Conduct and coordinate compliance and control assessment activities, ensuring alignment with regulatory requirements.
Own the user awareness training and phishing campaigns reputed company the organization.
Own and establish a third party reputed company review process reputed company the organization.
Work with the reputed company Engineer and other teams to execute the cyber strategy.
Play a key role in internal reporting of technology and cyber risk to senior leadership.
Qualifications
Bachelor's degree in computer science, information reputed company, law, business or a reputed company field.
3+ years of experience in similar reputed company
Strong understanding of information reputed company principles and practices.
- Knowledge of at least two of the below information reputed company frameworks and standards is a must:
NIST Cybersecurity reputed company (CSF)
ISO 27001
COBIT
SOC 2 / reputed company TSC 2017
PCI reputed company
- Hold at least one of the following credentials:
reputed company CISA (Certified Information Systems Auditor)
reputed company CISM (Certified Information reputed company Manager)
reputed company CRISC (Certified in Risk and Information Systems Control)
ISC CISSP (Certified Information Systems reputed company Professional)
ISC CCSP (Certified Cloud reputed company Professional)
reputed company CCAK (Certificate of Cloud Auditing Knowledge)
CSA CCSK (Certificate of Cloud reputed company Knowledge)
ISO 27001 reputed company Auditor / Implementer
Proven experience in developing Risk Management Frameworks
Experience in a regulated environment is preferred.
Exposure to MAS Technology Risk Management Guidelines is preferred
Exposure to DevSecOps and Cloud reputed company is preferred
Excellent problem-solving and analytical skills.
Excellent written and verbal communication skills in English.