About Syfe
Syfe is a digital investment platform with a mission to empower people to grow their wealth for a better future. Built on the pillars of advice, access and innovation, we cater to the full spectrum of an individual's wealth needs across diversified proprietary portfolios, cash management solutions and a state-of-the-art brokerage.
The Syfe team combines world-class financial expertise with best in-class technology talent. Excellence in execution is in our DNA and we offer equity ownership to all employees regardless of seniority and designation.
We are regulated by the financial authorities across Singapore, Hong Kong and Australia. In Singapore alone, where we are headquartered, over 100,000 investors trust Syfe to grow their wealth.
Since its founding, Syfe has raised US$79 million from world-class investors. The company has won multiple awards including Wealth Management Fintech of the Year by the Asian Banking and Finance Awards, as well as being recognized as one of the Top LinkedIn Startups in Singapore.
Who are we:
While we are a diverse set of people, we value the following core traits:
Fast learning: We often require learning new tools and technologies. We believe in adopting them if they are particularly well suited for our problems, instead of limiting ourselves to what we already know. However, we are always short of time and therefore have to learn fast.
Versatility: While each one of us has a core skill, we possess at least one secondary skill as well. Apart from allowing the team to be fluid, it also helps us understand how all pieces (frontend, database, network, servers, etc.) fit together.
Madness about quality: Put together, individual lines of code should be robust, scalable, high-performance, fault-tolerant, and most importantly, beautiful software. We also stay up-to-date with the latest in the world of software to make ourselves better.
Passion: To try out new ideas and iterate on existing product features, and love experimenting with new technology if it's right for the job. Because not only do we ride the cutting edge, we make it happen.
Collaboration: We believe that engineering is a continuous process of learning and improvement and that the best way to learn is by getting help from your fellow engineers. Coding is more fun when you do it together and appreciate the feedback.
We are seeking an experienced Security Compliance Specialist to lead our compliance initiatives and strengthen our security posture. This role will be responsible for ensuring adherence to regulatory requirements, developing security policies, and managing stakeholder relationships.
Responsibilities:
Lead compliance programs for MAS TRM, ISO 27001, PCI DSS, GDPR and other relevant standards. This entails the following:
Understand and assess the inventory of technology and cyber risk management related laws and regulations, as well as industry standards, and how they translate into organizational requirements and controls
Inventorize, monitor and report on the set of technology and cybersecurity risk management requirements, as well the control coverage, identifying and escalating risks as appropriate
Coordinate and execute compliance assessments for risk taking activities and process breakdowns against these organizational technology and cybersecurity risk management requirements, including any planned remediation; ensuring the team has a documented, rationalized and repeatable assessment methodologies
Develop, implement and maintain security policies, procedures and controls
Support compliance, financial or other audits from a technological risk management perspective
Work with internal and external stakeholders to develop and/or enhance existing compliance assessment reporting, and draft assessments for senior management and other stakeholders, to include regulatory agencies and the Board of Directors, as needed
Drive security awareness programs and training initiatives
Oversee evidence collection and documentation for compliance requirements
Stay current on emerging cyber threats and potential implications to the firm
Monitor regulatory changes and assess impact on the group
Collaborate effectively with colleagues, stakeholders, and leaders across multiple organizations within the group to achieve objectives
Requirements:
Bachelor's degree in Information Security, Computer Science or related field
5+ years of experience in IT security compliance, technology and risk management and/or consulting in 5+ years experience consulting or auditing in these fields
3+ years of experience developing, evaluating, or implementing cybersecurity, technology or compliance risk assessments
Deep understanding of applicable regulations on IT related notices, guidelines and acts including MAS Technology Risk Management (“TRM”) Notice and Guidelines, MAS Notice on Cyber Hygiene, Personal Data Protection Act (“PDPA”), ISO 27001, PCI DSS and GDPR requirements
Experience successfully leading organisations through compliance certifications
Strong knowledge of security frameworks, controls and best practices
Excellent stakeholder management, including proficient written and verbal communication skills
Relevant certifications like CISA, CISSP, ISO 27001 LA preferred
Key Skills
Security policy development and implementation
Risk assessment and management
Compliance program management
Audit preparation and response
Stakeholder engagement and communication
Documentation and evidence collection
Security awareness training
Regulatory knowledge and interpretation
The Syfe Advantages:
Annual learning allowance for work-related online courses and books
Allowance for home office setup
Latest M1 Macbook Pro + as required hardware and software
Best of all, our specialty is helping people manage their money. We will help you learn how to manage your own money like a pro