Back to job search

Technology Risk Manager

  • Location:

    Singapore

  • Job type:

    Permanent

  • Published:

    about 3 years ago

  • Salary range:

    7000 - 14000

  • Expiry date:

    2021-04-06

Context of the role:

Reporting to the Chief Operating Officer, the Technology Risk Manager shall support in the design, implementation and maintenance of the security, risk and compliance policies and controls for Contour’s information security management system (ISMS) in line with IS27001 standards. In collaboration with Engineering and Operations teams, you will ensure that the controls are effectively implemented to preserve the security of our infrastructure and customer’s data, whilst not being a blocker of our continuous delivery processes. You will also advise the company and our customers on our latest security initiatives, as well as look holistically at our security risks and mitigation approaches.


Job requirements

  • 5 or more years direct experience in a technology risk role specializing in security, risk and compliance governance activities

  • You will have worked in an organisation that has achieved ISO 27001 certification or SOC 2 attestation, and been part of the journey and understand the practices which need to be adopted for achieving different certifications

  • We believe that we work better as a team, and hope you share that belief. You'll be working in a diverse group of people with a variety of skills and backgrounds, a high level of emotional intelligence will be assumed.

  • You'll need excellent communication skills, both verbal and written. You should be confident in explaining security terms and principles to an audience who may not be familiar with the underlying concepts.

  • A firm understanding of the security practices which should be adopted for different legal and regulatory requirements such as PCI-DSS, GDPR, or different regulatory bodies.

  • Experience in conducting security assurance/assessment activities and able to demonstrate process improvements to enhance the maturity of security controls.

  • Financial services experience would be ideal, but experience in organisations with a mature security environment would be preferable too, e.g. large consultancy firms, telecoms, pharmaceuticals, or critical infrastructure.

  • You will have a solid appreciation of the variety of technical controls available to Contour including endpoint security, identity and access management, network security controls (firewalls, VPN), intrusion detection, vulnerability management, and security event management/log analysis tools. You won't be expected to be hands-on with these tools, but you'll certainly need to be aware of how they fit within the control environment which you will help to design and operate.

  • Ability to develop a deep technical understanding of the unique challenges and threats posed by enterprise blockchain in order to develop appropriate mitigation strategies (knowledge of Cloud Computing, PKI, Blockchain/Corda is a bonus)

  • Relevant professional qualifications would be great. We'd love an ISO 27001 lead auditor on the team. You'll need to demonstrate that any certifications you claim are valid and current.

  • An engineering or science degree would be great, as would, an appropriate MSc. Appropriate career experience is just as important though. Be prepared to tell us all about that experience.

33 Talent

33 Talent is your integrated HR partner providing bespoke recruitment, HR consultancy and coaching services into digital, data and communications across APAC and the rest of the world.

When you put people first, amazing things happen. We’re empowering people to thrive by helping employers hire, engage and unleash the best fits for their business. Please get in touch or feel free to make referrals to hello@33talent.com - we'd love to hear from you!

33 Talent Singapore Private Limited

CEI Number: Prerna Agarwal R1330697

EA License Number: 13C6298