Prudential’s purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people’s career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
The IT Governance Specialist plays a critical role in strengthening the organisation’s cybersecurity posture by overseeing and reviewing technical controls that mitigate IT security risks. The role requires a strong understanding of security frameworks, as well as hands‑on expertise in key domains such as Privileged Access Management (PAM), Identity and Access Management (IAM), and baseline configuration, firewall rule, and access reviews.
The specialist ensures that all controls are effectively aligned with internal policies, standards, and procedures, as well as external regulatory requirements, including the Monetary Authority of Singapore (MAS) Technology Risk Management (TRM) guidelines, Personal Data Protection Commission (PDPC) regulations, and other applicable financial‑sector mandates.
KEY RESPONSIBILITIES
Assist the IT Assurance lead on the following:
- Assist the IT Assurance Lead and take ownership of Privileged Access Management (PAM) and Identity and Access Management (IAM) systems, including application onboarding, privileged ID lifecycle management, and day‑to‑day BAU support.
- Conduct annual and semi‑annual company‑wide user and privileged access reviews, including remediation tracking. Propose and implement additional controls to mitigate access‑related risks and issues.
- Plan, prepare, and execute annual baseline configuration reviews and firewall rule review exercises.
- Act as a key liaison between business and IT teams to ensure access reviews and privileged accounts are effectively governed and managed.
- Ensure IT risk and security controls are implemented and remediated on time, in alignment with business strategies, organizational policies, and regulatory requirements.
- Consolidate, prepare, and provide audit evidence for internal, external, and regulatory audits related to information technology.
- Ensure IT operations and activities comply with PACS Group IT security standards, as well as regulatory guidelines issued by the Monetary Authority of Singapore (MAS) and the Personal Data Protection Commission (PDPC).
- Identify opportunities for continuous improvement and automation to enhance the efficiency and effectiveness of daily BAU activities.
QUALIFICATIONS / EXPERIENCE
- Diploma or Degree in IT, Computer Science or equivalent.
- Prior work experience in the financial industry is preferred.
- Certification in IT Security related such as SSCP, CompTIA Security+ or CEH is preferred.
KNOWLEDGE, SKILLS & ABILITY
- Basic understanding on Cyber Security, IT networking, Windows OS, technical troubleshooting, and problem solving.
- Awareness and understanding of common exploits and vulnerabilities, system hardening, firewall configuration and rules review.
- Technical skills and hands-on experience with Information Security related solutions and technology such as, Active Directory, LDAP, EDR, Antivirus, WAF, Proxy, Firewall, DLP and SIEM & Vulnerability management.
- Excellent interpersonal and analytical skills to enable the implementation of security controls, program and MAS TRM requirements.
- Sound knowledge of Information Security management frameworks such as NIST CSF, ISO 27001 & best practices.
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.