Yoda Tech
Website: yoda-tech.com
Job details:
Company Description
Yoda Tech Pte. Ltd., headquartered in Singapore, specializes in leveraging automation and robotics to simplify digital transformation. By focusing on smaller, actionable digital initiatives using micro-bots, Yoda Tech aims to reduce IT operations expenditures. The company provides expertise in automation, application development, infrastructure management, and IT maintenance. Yoda Tech is dedicated to delivering innovative, efficient, and scalable solutions for its clients, ensuring continuous improvement in operational processes.
Job Summary
We are seeking a highly motivated and detail-oriented SecOps GRC (Security Operations, Governance, Risk & Compliance) professional with 4+ years of experience in cybersecurity governance, risk management, compliance operations, and security monitoring support. The ideal candidate will have hands-on exposure to information security frameworks, audit management, risk assessments, vulnerability governance, and security operations coordination across enterprise environments.
Key Responsibilities
- Support and manage Governance, Risk & Compliance (GRC) activities across the organization.
- Conduct security risk assessments, control reviews, and gap analysis against industry standards and regulatory frameworks.
- Ensure compliance with standards such as ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, NIST, CIS, etc.
- Coordinate internal and external security audits, compliance assessments, and remediation tracking.
- Work closely with Security Operations (SecOps), Infrastructure, Cloud, and IT teams to track and mitigate security risks.
- Monitor security incidents, vulnerabilities, and remediation activities from a governance and compliance perspective.
- Maintain and update security policies, standards, procedures, and SOP documentation.
- Assist in third-party/vendor risk assessments and compliance reviews.
- Support vulnerability management governance including remediation tracking and reporting.
- Prepare dashboards, compliance reports, audit evidence, and executive-level risk summaries.
- Participate in security awareness initiatives and compliance training programs.
- Collaborate with stakeholders to implement security controls and continuous compliance improvements.
Required Skills & Experience
- 4+ years of experience in Information Security, Cybersecurity Governance, Risk & Compliance, or SecOps.
- Strong understanding of security frameworks and standards including ISO 27001, NIST, SOC 2, PCI-DSS, GDPR, etc.
- Experience in conducting risk assessments, audit coordination, and compliance management.
- Knowledge of Security Operations concepts including SIEM, incident response, vulnerability management, and endpoint security.
- Familiarity with cloud security and compliance for environments such as Azure, AWS, or GCP.
- Experience with GRC tools and ticketing platforms.
- Strong documentation, reporting, and stakeholder communication skills.
- Ability to work cross-functionally with technical and non-technical teams.
Preferred Qualifications
- Certifications such as ISO 27001 Lead Implementer/Auditor, CISA, CRISC, CISSP, Security+, CEH, or equivalent.
- Exposure to cloud security governance and DevSecOps practices.
- Experience in enterprise environments with multi-region compliance requirements.
- Understanding of regulatory and privacy requirements.
Education
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, IT, or related field.
Good to Have
- Experience with SIEM platforms such as Splunk, Sentinel, QRadar, or ArcSight.
- Familiarity with vulnerability tools such as Nessus, Qualys, Rapid7, or Tenable.
- Knowledge of IAM, PAM, endpoint security, and security monitoring tools.