Job Application for Security Compliance Engineer at StraitsX

About the Role

We are seeking a dedicated Security Compliance Engineer to join our Security team. In this role, you will lead our efforts in maintaining alignment with global standards (such as ISO 27001 and PCI DSS/3DS) and ensuring strict adherence to MAS regulatory requirements. You will act as the vital bridge between technical security operations and regulatory excellence.
Beyond internal governance, you will serve as a Security Consultant for external client projects, guiding them through ISO 27001 implementations and helping them cultivate a robust, resilient cybersecurity culture.

What Will You Do

Lead the end-to-end lifecycle of our certification, including conducting internal audits, performing risk assessments, and facilitating management reviews.
Provide ISO 27001 guidance and providing on-site support during their external audit processes.
Partner with the Card Issuing team to drive readiness for PCI DSS audits, ensuring all technical and procedural controls are met.
Gather the document or the evidences required by audit or regulator.
Collect necessary documentation and evidence for audits and regulatory purposes.
Work cross-function to ensure that we are adopting security controls that align with both regulatory requirements and operational efficiency.
Monitor the security policies and ensure that any non-conformities or gaps identified during audits are properly remediated in a timely manner.

What We Are Looking For

0-2 years of Consultant or IT Audit experience.
Bachelor’s degree in a relevant field (e.g., IT, Computer Science, Cybersecurity, Information Management, Law, ) or a proven track record in GRC (Governance, Risk, and Compliance).
Certification as an ISO 27001:2022 Lead Auditor or Internal Auditor, CISA, or equivalent are preferred, but not required.
Basic familiarity with security frameworks such as ISO 27001, PCI DSS, or MAS TRM.
Basic documentation skills and the ability but with willingness to act as a consultant.

Create a Job Alert

Interested in building your career at StraitsX? Get future opportunities sent straight to your email.

First Name

Last Name

Preferred First Name

Country

Phone

Location (City)

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

LinkedIn Profile

GitHub URL

How long is your notice period?

Are you fluent in Mandarin?

Select...

Are you fluent in English?

Select...

PDPA Notice

Select...

When you apply to a job on this site, the personal data contained in your application will be collected by Fazz Financial Group Pte. Ltd. and/or its associated companies (“Controller”). The Controller’s data protection officer can be contacted at dataprotection@straitsx.com. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under the First Schedule, Part 3, Paragraph 10 of the Personal Data Protection Act (PDPA) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment. You are responsible for ensuring that the personal data you provide is accurate and complete. If you provide us with personal data relating to another individual (for example, as a referee or emergency contact), you represent and warrant that you have obtained that individual’s consent in accordance with applicable data protection laws (including the PDPA) for us to collect, use, and disclose their personal data for the purposes described above. You also confirm that you have retained proof of such consent and will provide it to us upon request.

Access to your personal data will be limited to authorized personnel involved in the recruitment and hiring process. Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. The Controller will ensure that such transfers are subject to arrangements that provide a standard of protection comparable to that under the PDPA.

In accordance with Section 25 of the PDPA, the Controller will cease to retain documents containing your personal data, or remove the means by which the data can be associated with you, as soon as it is no longer required for (a) the purposes for which it was collected, or (b) for legal or business purposes, including considering you for future opportunities. Under the PDPA, you have the right to request access to your personal data, to request that your personal data be rectified, and to withdraw your consent to the processing of your personal data. To exercise these rights or to withdraw your consent, you may contact the Controller’s data protection officer using the details above.

Please note that providing your personal data is necessary for us to evaluate your job application. If you do not provide the required personal data, or if you later withdraw your consent to its collection, use, or disclosure, the Controller will not be able to process your application, and your candidacy for employment will not be considered. For more information on how we handle personal data, please refer to our Privacy Policy at https://www.straitsx.com/legal/privacy-policy.

Security Compliance Engineer

Apply for this job