Working as team member of the IT Governance, Risk, and Assurance (ITGRA) team, under the IT Risk & Security team, the Intern will be responsible for
IT security awareness programme (60%)
Design and develop engaging cybersecurity awareness materials, such as infographics, email broadcasts, newsletters, e-learning quizzes, simulated phishing scenarios, contests, training slides, e-learning quizzes and writing of training script for voice-over, covering a wide range of cybersecurity domains.
Support in periodic phishing exercises to assess the ability of staff and agents to spot phishing emails and whether they are able to protect themselves against phishing attacks. Much effort is dispensed in the analysis of phishing results and management reporting as well as the subsequent follow-up actions. The Intern will be tasked to assist in the results analysis, and the management reporting including exploring the potential to automate the reporting process for greater efficiency.
IT Compliance (40%)
Understand the regulatory requirements that are applicable to technology domains.
Assist in gap assessment and testing against regulatory compliance and audit facilitation through automating the controls check to identify potential gaps in IT processes and controls.
It would be advantageous if the Intern possess good writing skills and creativity in digital media design. Working knowledge in Microsoft SharePoint, MS Office and common design tools such as video editor/movie maker for creating animated and interactive contents will be added advantage.
Qualifications:
Bachelor's Degree in information security management, cyber security, information technology, etc.
Other competencies and traits:
- Able to work independently and to learn-on-the job
- Good planning and coordination skills
- Good writing and communication skills
- Able to work as a team and comfortable to communicate and open to honest feedback
- Willing to share new and fresh ideas and experience from tertiary studies
