- Be a key driver in shaping our cybersecurity risk posture and influencing board-level security decisions.
- Work closely with the CISO and senior leaders to embed security governance across all business units.
About the company
Our client is an established listed company with over 30 years of experience and is a market leader within its industry. As part of their plan to invest in technology, they are now hiring an experienced IT Governance, Risk & Compliance (GRC) Senior Analyst to join their team.
About the job
- Develop, implement, and maintain the ISMS based on ISO 27001, NIST CSF, and other leading frameworks.
- Manage the GRC life-cycle: risk identification, assessment, control design, treatment, monitoring, and reporting.
- Manage internal and external audits; oversee remediation plans and validate efficacy.
- Define and refine security policies, standards, and procedures; lead ongoing compliance efforts with PDPA, PCI DSS, HIPAA, GDPR, SOC 2 (as applicable).
- Deliver security training and awareness communication to enhance security culture.
- Stay ahead of the curve: monitor industry changes, emerging threats, and regulatory updates, and translate them into policy and upfront risk management.
Skills and experience required
As a successful applicant, you will have at least 8 years of experience in Information Security. Exposure to SOX will be an added advantage.
Candidates with regional / global coverage will be highly preferred.
What's on offer
This is an excellent opportunity to join an established company with strong support from business stakeholders to invest in information security.
To apply online, please use the 'apply' function; alternatively, you can reach me at https://www.linkedin.com/in/hoonteck-nologyrecruitment. (EA: 94C3609/ R1219669)
...