Job Description
JJ Consulting Services is a recruitment firm and preferred partner for multinational companies expanding in Asia. Our consultants bring deep industry and functional expertise, delivering top professional and staffing solutions to clients and candidates.

Our client is a leading company in Singapore. You will lead the design and implementation of a strategic cybersecurity governance, risk, and compliance (GRC) framework. Your mission is to embed risk management into all digital systems, transforming GRC into a business enabler across IT, Cloud, and Operational Technology environments.

Responsibilities
- Establish and maintain dynamic security risk registers that reflect current threats and project statuses across agencies
- Lead senior management risk discussions by translating complex technical risks into clear business impacts to guide resource prioritization
- Develop and implement a consistent risk analysis framework that enables agencies to take calculated risks for innovation
- Create and uphold unified Threat Risk Assessment (TRA) standards for Cloud, Web Applications, and OT/ICS domains
- Develop SOPs for identifying critical information assets ("Crown Jewels") and mapping comprehensive threat vectors
- Define and enforce standardized security controls that effectively mitigate identified risks beyond baseline compliance
- Lead the development and execution of a Zero Trust Framework emphasizing identity-based security and micro-segmentation
- Provide expert governance, risk, and compliance advisory during the design of high-impact systems to ensure security-by-design
- Evaluate and recommend security technologies that address specific risks and maintain defense relevance against evolving threats
- Establish frameworks for managing third-party and software supply chain risks, including assessing cyber-resilience of vendors and dependencies
- Drive agencies toward continuous compliance readiness and proactive audit preparation
- Oversee closure of audit findings by ensuring substantive