Role Summary
We’re looking for a technically strong Compliance professional to lead and mature our cybersecurity governance, risk, and compliance program. You will own the end-to-end lifecycle for ISO27001 and SOC2, drive control design and testing across cloud and on-prem environments, and partner with engineering to embed security-by-design. Experience with Singapore frameworks such as the Cyber Trust Mark, Data Protection Trustmark (DPTM), and ISO42001 (AI Management System) is a strong advantage.
Key Responsibilities
ISO27001 (ISMS)
- Define and maintain ISMS scope, risk methodology, Statement of Applicability, and control baseline.
- Lead risk assessments, treatment plans, and ongoing control performance monitoring.
- Establish policy framework (security, access control, asset, cryptography, operations, supplier, incident, business continuity).
- Plan and execute internal audits; coordinate external certification audits and surveillance audits.
- Drive corrective and preventive actions (CAPA) and continual improvement.
SOC2 (Type I & II)
- Map Trust Services Criteria (security, availability, confidentiality; privacy and processing integrity where applicable) to technical and operational controls.
- Orchestrate readiness assessments, evidence collection, control testing, and audit facilitation.
- Implement robust evidence management, logging, monitoring, and exception handling processes.
- Align system description, complementary user entity controls (CUECs), and subservice organization monitoring.
Singapore Regulatory & Trust Marks (Added Advantage)
- Cyber Trust Mark (CSA): Lead gap assessments, control implementation, and attestation readiness.
- DPTM (PDPC): Align data protection controls to PDPA, privacy governance, DPIAs, consent/notification, retention, and data subject rights processes.
- ISO42001 (AI MS): Support AI governance (policy, risk, data quality, model lifecycle, bias/ethics, transparency), control testing, and audit preparation.
Technical Compliance & Control Assurance
- Translate security requirements into technical controls (cloud, network, identity, endpoint, data protection).
- Partner with engineering/DevOps to embed controls in CI/CD, IaC, containers/Kubernetes, and SDLC (secure design, code review, dependency/vuln management).
- Operate/assess logging, SIEM use cases, alerting, and incident response playbooks.
- Run continuous control testing, vulnerability management (scanning, remediation SLAs), and configuration baselines (e.g. CIS Benchmarks).
- Oversee third-party risk management, DPAs, and supplier due diligence.
Governance, Risk & Training
- Own the GRC roadmap, risk register, metrics (KRI/KPI), and compliance dashboarding.
- Lead awareness and role-based training; drive a culture of compliance and security-by-design.
- Prepare concise executive reports and findings for leadership and stakeholders.