An empowering career at Singtel begins with a Hello. Our purpose, to Empower Every Generation, connects people to the possibilities they need to excel. Every “hello” at Singtel opens doors to new initiatives, growth, and BIG possibilities that takes your career to new heights. So, when you say hello to us, you are really empowered to say…“Hello BIG Possibilities”.

Looking for an opportunity to elevate your career? Our internal mobility program is just what you need!

In Singtel Group, we strongly believe that our employees are our most valuable assets and are committed to creating a culture that supports your professional growth. By exploring new job opportunities within the company, you can expand your skill sets, gain exposure to different areas of the business, and build a diverse and fulfilling career.

If you are keen to explore this position or would like to refer a friend, please apply with an updated resume attached. Should you have any questions or concerns, please do not hesitate to reach out to the Talent Acquisition Manager in charge.

Be a Part of Something BIG! 

Reporting to the Group Chief Information Security Officer (GCISO), the Group Cyber Governance, Risk & Compliance (GRC) Director is a senior Group-level leadership role accountable for setting, maintaining, and enforcing Singtel Group’s cyber security policies, standards, and compliance posture. The role owns the Group cyber policy framework, control standards, and assurance mechanisms that ensure cybersecurity risks are consistently identified, assessed, managed, and reported across all Operating Companies and Associates.

Working closely with OpCo risk and security leaders, the role defines Group-wide cyber governance requirements, including policies, minimum control standards, and risk acceptance principles. These policy guardrails establish clear expectations for due care, regulatory compliance, and “secure-by-default” outcomes, while allowing measured flexibility for local operating contexts.

As a policy authority and trusted governance advisor, the Group GRC Director provides independent oversight and challenge on major initiatives and material risk decisions. The role ensures that cybersecurity risks are formally assessed against Group policies and standards, that policy exceptions are governed through defined approval processes, and that residual risks are transparently escalated and accepted at the appropriate level.

This position requires strong risk judgement, regulatory insight, and executive influence, with the ability to translate complex technical and cyber risks into clear policy positions, compliance outcomes, and Board-level risk narratives. The role bridges business, technology, and security by embedding disciplined policy governance, compliance assurance, and accountability into the Group’s operating model.

Make an Impact by

Governance, Policy & Standards

• Act as the Group owner and governing authority for Singtel Group Cyber Security Policies, Standards, and Control Libraries, ensuring consistent application, resilience, and enforceability across all OpCos and Associates.
• Establish, maintain, and evolve Group-wide minimum cybersecurity requirements, including approval of material policy updates, standards enhancements, and control baselines.
• Continuously assess Singtel Group Cyber Security Policies and Standards against industry best practices and regulatory expectations (e.g. ISO/IEC, NIST, CIS Controls, GSMA), ensuring safeguards remain effective against the evolving threat landscape.
• Own and govern the policy exception and risk acceptance process, including escalation thresholds, decision authorities, and documentation of residual risk.
• Drive security culture and controls adoption through structured stakeholder engagement, training, and enablement across the Group.

Controls Risk Framework & Risk Visibility

• Define and own the Group Cybersecurity Controls and Risk Framework, including methodologies to assess inherent risk, control effectiveness, control maturity, and residual risk across cyber domains.
• Develop and maintain controls risk metrics, KRIs, and gap indicators to provide consistent, risk-based visibility of cybersecurity posture across Singtel Group.
• Translate controls and compliance outcomes into executive- and Board-level insights, supporting prioritisation, remediation planning, and informed risk decisions.

Compliance Assurance, Automation & Continuous Monitoring

• Own the Group Compliance Assurance Framework, defining how compliance with Group Cyber Security Policies and Standards is assessed, validated, and reported across OpCos and Associates.
• Lead the transition from point-in-time assessments to continuous controls assurance, leveraging technology to provide near-real-time visibility of controls effectiveness and cyber resilience.
• Establish and execute a Group-wide digital GRC platform strategy as the single source of truth for governance, risk management, compliance, exceptions, and audit evidence.
• Drive the adoption of automation and agentic AI to scale compliance assessments, evidence collection, and controls monitoring, while maintaining auditability, traceability, and regulator confidence.

Business, Regulatory & Cyber Leadership

• Serve as the Group authority on cyber governance and risk, providing trusted advisory and challenge to senior management and Boards on cybersecurity risk posture and material exposures.
• Maintain awareness of emerging cyber threats, technologies (e.g. AI, quantum), and regulatory developments, translating these into risk-aligned governance and control enhancements.
• Act as a key interface with auditors, and external assessors on matters related to cyber governance, compliance, and assurance.
• Provide thought leadership and effective stakeholder engagement, balancing business enablement with risk discipline and regulatory expectations across the Group.

Budget & Resource Stewardship

• Assist in planning and managing budget
  
  APPLY FOR JOB
  Report Expired Link