Position Summary: As a member of the IT Strategy and Governance team, the Senior Analyst - Strategy & Governance is responsible for protecting GEG's information assets. He/she will work under the supervision and guidance from the Manager to provide support to the development, management and implementation, and enhancement of the Internal Controls of corporate-wide IT Processes. Primary Responsibilities: Contribute the team working as “Subject Matter Expert” for GEG by conducting following tasks: > Conduct basic review and update on IS&T Cybersecurity policy, SOPs and internal IS&T processes. > Review and assess the effectiveness of security measures aligned with policies. > Recommend and develop security measures to protect information against unauthorized modification or loss. > Review and test information security controls for different layers including data, applications, operating systems, and network devices. > Coordinating the Internal and External Audit process with different IS&T teams and business users. > Support the Manager and Senior Manager to facilitate the Internal Audit projects including information collection, coordination of walkthrough meeting, support for the remediation Progress Tracking/Reporting/Bi-Weekly Reminders > Support MCSL Assessment Tracking/Reporting including tracking the progress of ongoing MCSL assessment activities, the remediation status for outstanding findings, > Support the Manager and Senior Manager for ah-hoc communication and meeting preparation support with the IS&T, RM, Internal Audit Team, and other key stakeholders. Requirements: Bachelor's degree in computer science, computer engineering, systems analysis, or a related study, or equivalent experience. 3 or more years of experience in not less than one IT discipline including, but not limited to; application support, application development, data analysis, servers and storage, networking, middleware, database management, IT operations, etc. Excellent written and verbal communication skills with a good proficiency to communicate in English. Strong planning and organizational skills. Strong interpersonal skills, including teamwork, facilitation and negotiation. Strong analytical and technical skills. Good ability to translate business needs into technical requirements. Good problem solving skills. Good customer service skills. Good skills to work independently and deliver task as planned. Basic skills and knowledge in building or managing information security controls.