Information and Cyber Security Engineer - (Cloud, GRC)

Job SummarySeeking an experienced Information & Cyber Security Engineer to strengthen a centralized technology function and accelerate secure cloud adoption across a regional operations footprint. The role focuses on cybersecurity risk assessment, cloud security, third party assurance, and governance in a regulated environment of a financial and banking environment.Mandatory Skill-setMust have at least 5+ years’ experience in information security, risk management, or cybersecurity roles;Must have minimum 2+ years’ hands on experience securing public, private, and hybrid cloud environments;Strong grasp of threat modelling, risk assessment methodologies, and risk mitigation approaches;Knowledge of security governance and standards (e.g., ISO 27001, MAS TRM / local regulator frameworks, NIST, CCM);Must have demonstrated experience performing: overall IT security risk assessments, vendor/third party security due diligence, and tech obsolescence reviews;Familiarity with cloud security frameworks, cybersecurity tools, and risk governance;Prior experience in banking, asset management, or other heavily regulated sectors;Proven ability to influence senior stakeholders and drive security improvements end to end.Desired Skill-setCertifications :CISSP, CISM, CRISC, CEH, CCSP, or relevant certifications from - ISC2, ISACA, SANS, Microsoft, AWS, CISCO;Proven ability to influence senior stakeholders and drive security improvements end to end;Motivated self-starter with leadership skills and the ability to work independently;Familiarity with security monitoring tools and automation/digitization of workflows;Strong analytical skills and a pragmatic approach to remediations and controls.ResponsibilitiesPlan and carry out comprehensive IT security risk assessments across applications, infrastructure and cloud services;Lead security due diligence for third party service providers, including onsite assessments where required;Identify and manage risks arising from technology obsolescence and platform end of life scenarios;Advise technology and business teams as a trusted subject matter expert on security and risk decisions;Provide guidance and oversight to regional/subsidiary security teams to ensure consistent risk management practices;Maintain and enhance security checklists, guidelines, and governance artefacts;Drive process improvements, automation and digitization to streamline risk management workflows;Produce regular risk reports and track remediation actions; keep abreast of emerging threats and security trends.Should you be interested in this career opportunity, please send in your updated resume to apply@sciente.com at the earliest.When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE’s website (https://www.sciente.com/privacy-policy).Confidentiality is assured, and only shortlisted candidates will be notified for interviews.EA Licence No. 07C5639