Technology Risk Manager

Summary

Join our Technology team as a Technology Risk Manager, a vital compliance and oversight role. As the 1.5 Line of Defence, you'll maintain and enforce information security policies, standards, and guidelines. You will support colleagues to ensure security and business continuity. Success requires a strong understanding of risk management and excellent communication skills. You will work with various departments, maintain risk registers, and conduct security training. This role also involves incident management support and reporting to senior management. We offer a competitive compensation package, comprehensive insurance, flexible work arrangements, and extensive learning and development opportunities.

Requirements

• A strong understanding of risk management principles and practices
• Be a good communicator with an ability to convey technical content in business language with the Chief Compliance & Risk Officer (CCRO) and senior management
• 8-10 years of relevant experience in technology governance, risk & compliance or IT Audit
• Relevant professional certifications (eg. CISA, CRISC, CISM, CISSP etc)

Responsibilities

• Maintain and enforce information security policies, standards, and guidelines for our technology platform’s services and infrastructure components
• Support colleagues across departments to ensure security and efficient business continuity
• Ensure compliance to regulator’s Technology Risk Management guidelines and Personal Data Protection Laws group-wide
• Work with various departments to ensure adequate Business Continuity Planning (BCP) and Disaster Recovery (DR) plans are established and tested
• Maintain, track, and update our Policies and Procedures, IT risk register and control procedures to address known security vulnerabilities
• Maintain security training & awareness across the organisation
• Ensure Data Protection is embedded into our data lifecycle
• Undertake new projects to improve security controls, while maintaining efficiency of operations
• Proactively ensure the highest levels of systems and infrastructure availability
• Act as a subject matter expert to assist business units (BRCs) and cross-functional teams in identifying, assessing and mitigating information security risks
• Discuss control solutions with IT engineers to co-ordinating with the Risk team other control functions
• Develop and maintain our Key Risk Indicators (KRIs) for technology and security risks and report to Head of InfoSec and CCRO
• Prepare documentation and report/s to CCRO and Risk committees
• Support CCRO to perform reviews and root-cause analyses, on technology aspects of incidents reported in the repository with the Product and Engineering teams
• Follow through remediations on findings and incidents by coordinating with Business Risk Coordinators and CCRO

Preferred Qualifications

• Knowledge with SG (MAS) & MY (SC) requirements on Technology Risk is an advantage
• Able to provide effective challenges and recommendations whilst building strong, respectful relationships across different functions

Benefits

• Competitive total compensation package that includes employee stock options if you are a full-time employee
• Free panel outpatient GP clinic visits, group hospitalisation and surgical insurance, and Covid hospitalisation insurance coverage (conditions apply)
• Employee discount on your asset management fees when you invest with StashAway
• Work-from-home policy: You may choose to work from home or the office depending on what works best for you and your team
• Work-from-anywhere policy: You may request to work remotely for up to eight weeks in another country
• Unlimited paid annual leave: It should be simple for you to decide if you would like to take more or fewer days off. We trust that you are accountable for your work and know best if you need 10 or 30 days of paid annual leave that year
• Personal work equipment budget: It’s important that you have a workstation that’s optimal for you wherever you are
• Annual L&D budget: You will be given an annual Learning and Development budget to help you continuously learn in your pursuit of your professional and personal development. You may use the budget for resources and tools that may help you perform better at work
• Discount on selected postgraduate courses with INTI: You will receive a 40% discount for the courses you enroll in. Your spouse or children are entitled to a 16% discount for courses they enroll in
• Quarterly team bonding budget: We encourage you to socialise with colleagues across job functions, departments, and entities to know them better as individuals beyond what they professionally do
• Annual off-sites (Oct): Each off-site gathers all employees for a full day of company-wide team bonding activities and challenges