Job description for Information Security Consultant (REMOTE) at Stendard
- Min. Diploma in information security or related fields
- Preferably 3 to 5 years' experience in a Consultant, QA, QMS and/or ISMS role, handling and auditing information security standards such as ISO/IEC 27001:2013 and other cyber security related standards
- Preferably experienced in the implementation of security controls for cloud-based web applications, or experienced in ISO/IEC 27018:2019 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
- Preferably possesses knowledge in ITIL standards of IT service management
- Preferably experienced in Vulnerability Management and Penetration Testing
- Knowledge of GDPR & SOC2 controls will be an advantage
- With a keen interest to learn and explore other industrial standards, which will help Stendard scale new industries and markets
- Open-mindedness towards challenges in a startup environment
- Proficiency in written and spoken English is a MUST
- To understand the clients’ businesses and nature of product, and to lead and manage the project through the Gap Analysis, Training, Document Review, implementation and Audit activities to achieve compliance/certification to information security and cyber security standards/regulations
- To understand medical device related standards/regulations and integrate with the cyber security standards/regulations
- To perform security testing on the clients’ software products
- To establish an Information Security Management System (ISMS) in the company, based on applicable standards/regulations, such as ISO/IEC 27001:2013 and its derivatives, Singapore PDPA, EU GDPR, etc.
- To monitor and maintain the effectiveness of the Information Security Management System (ISMS) in the company by performing tests, internal audits, and other relevant measures
- To be familiar with information and cyber security standards such as ISO/IEC 27001:2013 and to keep the content of documents updated on Stendard Solution Software. This can be based on customer feedback or partners’ request on local regulations
- To translate new and complementary information and cyber security standards’ (other than ISO/IEC 27001:2013) requirements into documents (Manual, SOPs, Forms) and define the applicability of the requirements for the different types of businesses on Stendard Solution
- To create tutorials and supplementary materials for the Stendard e-learning academy. The purpose is to work towards Stendard’s vision of educating companies to handle their compliance activities independently
- To translate customer feedback and learning into new Stendard Solution software offerings/features as continuous innovation