Job Description:
- Identify and manage potential technology risks through risk assessment process.
- Perform risk monitoring including continuous assessments to monitor technology risk such as Risk Control Self-Assessment and Control Testing.
- Monitor the risk landscape and emerging threats to the company, understand the evolving risks and new technologies in managing such risks.
- Recommend and implement improvements to mitigate identified risks.
- Evaluate and manage risks associated with third-party vendors, service providers and business partners.
- Prepare and provide necessary reporting to Line 2 Technology Risk Oversight on Technology Risk matters.
- Provide advice on technology risk management.
- Support audit and regulatory inspection in relation to technology risk domain.
- Propose and implement continuous improvement initiatives for technology risk management processes.
Key Requirements:
- Minimum diploma or degree in computer science, information technology or equivalent.
- Minimum of 5 years’ relevant experience; preferably in Insurance / Financial industry, or with experience in IT audit.
- Familiarity with MAS Technology Risk Management, Cyber Hygiene, MAS Outsourcing and MAS Business Continuity Management requirement is preferred.
- Good understanding of industry-leading practices and control frameworks (e.g., COBIT, NIST CSF, ISO 27001)
- Practitioner and holder of IT risk certification, such as CISSP, CISA, or CRISC
- Familiarity with office productivity, usage of open-source frameworks and business intelligence tools, including (but not limited to) Microsoft Office, PowerBI &/or Tableau.
- Demonstrable ability to identify and analyse risk and control issues, challenge the status quo, and work with cross-functional teams to ideate pragmatic solutions that strengthen the control environment.
- Possess good interpersonal, communication, and presentation skills to engage stakeholders from different businesses and levels.
- Meticulous and able to work independently as well as in a team.
