Executive/Senior Executive, IT Risk & Compliance

Executive / Senior Executive, IT Risk & Compliance (CRIS HQ)

 

Overview

 

The Consortium for Clinical Research and Innovation, Singapore (CRIS) brings together six national R&D, clinical translation and service programmes to advance clinical research and innovation for Singapore, and establish important capabilities for a future-ready healthcare system.


The Business Entities under CRIS include:

 

  • Singapore Clinical Research Institute (SCRI)
  • National Health Innovation Centre (NHIC)
  • Advanced Cell Therapy and Research Institute, Singapore (ACTRIS)
  • Precision Health Research, Singapore (PRECISE)
  • Singapore Translational Cancer Consortium (STCC)
  • Cardiovascular Disease National Collaborative Enterprise (CADENCE)

 

Together, CRIS makes a positive difference to Singapore patients and researchers by ensuring that these clinical research platforms and programmes are at the cutting edge of capability development and innovation. If you are as passionate as we are about clinical trials and research, we want you!

 

What you will be working on

 

We are seeking a highly motivated individual to join our CIO Office. The ideal candidate is passionate about IT Governance, Risk and Compliance, with a solid understanding of Information Technology/Security, Cloud Implementation Methodologies, IT risk assessment and IT security compliance review. 

 

Key Responsibilities:

 

  • Conduct comprehensive due diligence, compliance evaluations, gap analyses, and risk assessments on services and solutions provided by third-party vendors.
  • Analyze, prioritize and classify risks. Draft risk scenarios and recommend risk treatment plans.
  • Perform regular IT security and cyber risk assessments to monitor compliance with IT security and cybersecurity policies, ensuring effective and timely implementation and management of IT project risk assessment.
  • Collaborate with internal stakeholders to ensure alignment with governance requirements and facilitate audits and reviews.
  • Collaborate closely with procurement teams to develop Request for Quotations (RFQ) and Request for Proposals (RFP), establish evaluation criteria, and negotiate contracts and agreements with third-party vendors effectively.
  • Coordinate with internal teams and external partners to investigate security incidents and implement remediation measures.
  • Facilitate audit initiatives by collaborating effectively with both Internal and External Auditors to ensure comprehensive support and communication.
  • Develop and maintain policies and processes related to IT governance and compliance.
  • Provide security consultancy, technical guidance, expertise, solutions, and education to stakeholders.
  • Support security awareness initiatives and ensure implementation of key cyber hygiene controls.
  • Provide and support IT solutions, infrastructure, policies and procedures that improve operational effectiveness and organizational success.

 

Requirements:

 

  • A Diploma or Bachelor’s Degree in Information Technology (IT), Information Security (IS), Cybersecurity, or a related field.
  • 2-3 years of experience in IT/IS, IT Governance, Risk and Compliance (GRC), or Cybersecurity roles.
  • Experience with IT Governance, Risk and Compliance activities.
  • Knowledge of cyber security threats, vulnerabilities, hacking and exploit methods.
  • Familiarity with Cloud Service Models (SaaS, IaaS, PaaS) and Cloud Security.
  • Knowledge of Medical Device/Operating Technology.
  • Excellent analytical and problem-solving skills.
  • Excellent communication and interpersonal skills, with a proven ability to collaborate effectively with diverse stakeholders.
  • Ability to work independently and as part of a team.
  • Highly driven and eager to learn.

 

 

What you need to know

 

The successful candidate will be offered a 3-year contract, renewable. We regret that only shortlisted candidates will be contacted.

 

For more information about CRIS and the Business Entities, visit our websites below:

 

CRIS – https://www.cris.sg

SCRI – https://www.scri.edu.sg

NHIC – https://www.nhic.sg

ACTRIS – https://www.actris.sg

PRECISE – https://www.npm.sg

STCC – https://www.stcc.sg

CADENCE – https://www.cris.sg/our-programmes/cadence/