Job description

[This job id 6538 first appeared in Job-Q.com on 13 May 2026]

Job Summary

Seeking IT Security professionals with a keen interest in Governance, Risk and Compliance processes to contribute to the Security Engineering & Architect team in the implementation of Cybersecurity projects.

Mandatory Skill-set

• Degree in Computer Science, Information Security or Information Systems;
• At least 5 years of experience in IT security space with a strong experience in IT GRC (Governance, Risk and Compliance) related functions;
• Deep knowledge and understanding of internal controls, security frameworks, risk management and IT governance, auditing techniques and methodologies;
• Good knowledge of enterprise IT systems and components (applications, operating systems, databases, networks, cloud, DevOps);
• Familiar with industry standards related to IT Controls - ISO 27001, NIST, OWASP, Cloud Security;
• Experience in working with vendors to evaluate security technologies and working on proof-of-concepts (POC);
• Keen interest and knowledge on cyber security technologies (SIEM, NIDPS, CASB, VMS, Cyber-analytics);
• Strong in analytical thinking with attention to detail;
• Excellent communication and inter personal skills.

Desired Skill-set

• CISSP, CISM, CRISC, CGEIT and/or CISA certified.

Responsibilities

• Act as a Subject Matter Expert on IT Governance, Risk management and Compliance (GRC) and related policies and procedures;
• Contribute to the formulation and implementation of company wide IT governance standards and procedures in compliance with regulatory requirements;
• Collaborate with application development and external vendor teams to implement IT risk assessment checklists and operational IT Risk Controls;
• Continuously identify GRC Key risk indicators (KRI) and maintain IT Risk Register;
• Collaborate with stakeholders for risk management, mitigation and remediation measures;
• Liaise with internal and external parties for IT GRC related audits and facilitate timely remediation of issues;
• Keep abreast of the dynamic cyber threat landscape and identify opportunities for enhancement of IT risk processes;
• Work with key stakeholders in building a strong company wide risk-aware culture.

Should you be interested in this career opportunity, please send in your updated resume to apply@sciente.com at the earliest.

When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE’s website

(https://www.sciente.com/privacy-policy).

Confidentiality is assured, and only shortlisted candidates will be notified for interviews.

EA Licence No. 07C5639

Scam prevention reminder: You should not make any pre-payment when applying for any job.

Illegal practices reminder: It is illegal for recruiter to collect payment (kickback) from the worker https://www.mom.gov.sg/-/media/mom/documents/publications/foreign-workers/what-are-kickbacks.pdf