Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
In this role, you will manage and support the security governance related activities within Prudential such as data loss prevention, security related audits, ensure compliance with policies and regulations, security architecture reviews, DevSecOps release management and security risk management activities. You will collaborate with various stakeholders to provide security reporting on risk metrics, manage security activities such as phishing campaigns and mitigate security risks with appropriate controls within the organization. This position reports to the Head of IT Security.
- Ensure compliance with regulatory requirements such as PDPA & MAS TRM and Prudential group policies, standards and procedures pertaining to security.
- Track and monitor relevant security metrics for reporting and action review.
- Drive the collaboration with group to strategize, plan and execute security initiatives to enhance controls within the organization.
- Provide regular reports to senior management on security metrics status.
- Identify and assess security risks and develop mitigation strategies to address potential threats.
- Drive continuous improvement in security governance processes.
- Support audit activities relating to security.
- Review and provide consultation on security architecture to enhance the overall security operating environment and controls
- Develop and deliver security training and awareness programs to educate employees on security best practices.
- Manage and drive the data loss protection initiatives within the organization from education, reporting, execution and policy reviews.
Who we are looking for:
Competencies & Personal Traits
- Proven experience in security governance or a related field.
- Strong understanding of IT security governance frameworks and best practices.
- Ability to communicate security technicalities to business
- Excellent communication skills and the ability to work with cross-functional teams.
- Strategic thinker with the ability to manage complex projects and make data-driven decisions.
- Ability to work both independently and within teams with strong initiative
Working Experience:
- Minimum of 7 years of experience in IT security governance, with at least 3 years in a leadership role.
- Experience with IT governance, risk, and compliance (GRC) tools and processes.
- Experience managing security activities. (e.g. Phishing, penetration tests, security assessments, etc.)
Education:
- Bachelor's degree in computer science/engineering or a related field.
- Certifications in IT Asset Management or IT security governance are highly desirable. (e.g. CGEIT, CISSP, CISA, CISM, CRISC)
- Technical certifications such as OSCP (+), OSWE, CRTP, cloud certifications, CRTSA is a plus.
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.