Information Security Auditor

Location: Bukit Batok | Full-time

Job Nature

The Information Security Auditor will be responsible for assessing, monitoring, and ensuring the organization’s compliance with international security standards (ISO 27001), cybersecurity frameworks, and data protection regulations. The role involves planning and conducting internal/external audits, identifying risks and vulnerabilities, and recommending corrective actions.

The auditor will work closely with IT, compliance, and business teams to strengthen the organization’s security posture and support certification/recertification processes.

Key Responsibilities
  • Audit & Compliance
Plan, conduct, and report on internal information security audits aligned with ISO 27001 and other frameworks.
Support external audits and certification processes by liaising with auditors and regulatory bodies.
Ensure compliance with data protection laws (e.g., GDPR, PDPA where applicable).
  • Risk & Controls Assessment
Evaluate existing security controls, policies, and procedures for effectiveness.
Identify risks, vulnerabilities, and gaps in cybersecurity and data protection practices.
Recommend improvements and track corrective/preventive actions (CAPA).
  • Documentation & Reporting
Develop and maintain audit checklists, reports, and compliance documentation.
Provide management with clear audit findings and risk assessments.
Maintain evidence logs for ISO 27001 controls and compliance purposes.
  • Stakeholder Engagement
Collaborate with IT, HR, Legal, and Business units to ensure alignment with security policies.
Conduct awareness sessions to promote compliance culture.
Advise leadership on security risks, trends, and mitigation strategies.
  • Continuous Improvement
Monitor changes in international standards and regulatory requirements.
Drive continuous improvement of Information Security Management Systems (ISMS).
Benchmark practices against industry best standards (e.g., NIST, CIS Controls).

Qualifications & Skills

Education & Certifications
  • Diploma or Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
  • ISO/IEC 27001 Lead Auditor / Lead Implementer certification (preferred).
  • Additional certifications are an advantage: CISA, CISM, CISSP, GDPR Practitioner, CEH.
Experience
  • 3–7 years of experience in information security, IT audit, or compliance. Personnel with no experience are welcome to apply.
  • Proven track record in conducting ISO 27001 audits (internal or external will be an advantage).
  • Experience with data protection regulations (PDPA, GDPR, etc.).
  • Hands-on knowledge of cybersecurity practices, risk assessment, and incident response.
Skills
  • Strong understanding of ISMS principles, risk management, and compliance frameworks.
  • Ability to analyze technical controls (network, cloud, applications) from a compliance perspective.
  • Excellent report writing and presentation skills.
  • Strong communication, stakeholder management, and problem-solving skills.
  • Ability to work independently and manage multiple audits/projects simultaneously.