Senior IT Compliance & Governance Specialist

Marina Bay Sands Pte Ltd | Date Posted: 18-Jun-2019
'N' Levels / 'O' Levels, ITE/ NITEC/ Higher NITEC, 'A' Levels, Diploma, Bachelor's / Honours, Masters / PhD

Job Description


  • Manage, support and advise on IT compliance for technology and business projects
  • Manage and support subject access requests (internal and external)
  • Manage and support all IT aspects of SOX external / internal reviews and audits
  • Oversee and lead execution of procedures and controls to assure compliance with applicable regulatory and legal requirements as well as good business practices
  • Lead execution of the formal risk analysis and self-assessment program for various Information Services systems and processes
  • Manage, support and advise IT Delivery and Operation teams on remediation of new and outstanding issues
  • Lead the IT compliance program covering Sarbanes-Oxley (SOX), Payment Card Industry (PCI) and Service Organization Controls (SOC), Casino Regulatory Authority controls, and internal Guiding Principles and Standard Operating Procedures
  • Identify and map changes required to policies on a yearly / quarterly basis
  • Lead execution of compliance assessments (self-assessment, etc.) and ensure assessments are completed on time
  • Provide guidance to IT Delivery in new system development and implementations to ensure that development effort(s) follow appropriate guidelines and regulatory controls
  • Liaise with IT Delivery on Technical Incident Reports (TIR), ensuring approvals are provided before a TIR is submitted to the Casino Regulatory Authority


  • At least 6 – 8 years of proven industry experience in designing and implementing Business Process Improvement
  • ASQ Certified Quality Auditor (CQA) or Certified Software Quality Engineer (CSQE) desirable
  • Familiar with SOC 1 and SOC 2 reporting standards
  • Familiar with PCI DSS standards
  • Knowledge and experience of SDLC, Change Control, and SQA methodologies, techniques, and general principles
  • Knowledge of regulatory directives (e.g. Sarbanes-Oxley) as they relate to the controls required from systems and IT processes
  • Ability to work well with key business partners across sectors and internal IT teams in a collaborative manner
  • Knowledge of risk assessment design and delivery
  • Experience in providing guidance on IT controls and security requirements for technology and business partner initiatives, ensuring that systems provide adequate protections to meet legal/regulatory compliance and IT security requirements for the integrated resort/gaming industry
  • Knowledge of continuous improvement in IT governance, risk, compliance and security practices based on expert knowledge in domain areas, industry best practices, business objectives and risk tolerances
  • Strong knowledge in defining the segregation of duties matrix for the IT department