Summary
Support the governance and assurance functions of Tranglo's Information Security Program. Ensures alignment with ISO 27001:2022, BNM RMIT (TRMF/CRF), internal policies, risk management processes, and regulatory requirements. Oversees risk assessment, policies, audits, compliance monitoring, and ISMS documentation.
Key Responsibilities
- Maintain and update ISMS documents, policies, standards, and procedures.
- Conduct scheduled policy reviews and ensure compliance with RMiT driven updates.
- Coordinate governance updates with ISSC, DICs, Compliance, and Risk teams.
- Support Management review activities and ISMS performance measurement.
- Perform risk assessments for systems, suppliers, projects, and changes.
- Maintain the risk register, including controls, effectiveness, and vulnerabilities.
- Monitor compliance with ISO 27001, RMiT and contractual requirements.
- Coordinate regulatory submissions and perform TPSA due diligence.
- Manage internal/external audits, track findings, and conduct internal compliance checks.
- Maintain document control and prepare governance reports, including ISSC and Board papers.
Skills & Requirements
- Knowledge of ISO 27001:2022, NIST CSF, TRMF, CRF.
- Experience with risk management framework.
- Strong documentation and governance skills.
- Able to interpret regulatory expectations and map to controls.
- Advantage: experience with audits or ISO/SOC2
