Position Title: IT Risk Specialist (CISSP, CISA)
Job posting done by Sheralynn Tjioe, Head of Interim and Contracting Solutions (Technology) Recruitment at Kerry Consulting
Email: [email protected]
Our client is a leading, stable firm.
Role Summary:
The IT Risk Management function for the Asia region oversees technology risk governance and management. This role involves working closely with IT teams to foster a strong risk culture and enhance awareness. The primary duties include managing IT operational and security risks, maintaining transparency, and driving improvements in IT security.
Key Responsibilities:
IT Risk Management:
- Implement and support the IT risk management strategy, framework, and standards across Asia.
- Oversee daily IT risk management tasks, such as maintaining the central risk register, tracking risk mitigation plans, and following up on remediation efforts.
- Prepare risk reports for the IT Risk Management Forum and Operational Risk Committees in Singapore and Hong Kong.
- Conduct regulatory assessments (MAS and HKMA), evaluate technical controls, identify gaps, and ensure corrective actions are taken.
- Execute internal control plans and review the security design of applications for projects.
- Collaborate with external and internal auditors to facilitate audits and track IT-related audit items.
- Handle routine security tasks, including password management and request reviews.
- Promote a positive risk culture through training, communication, and collaboration.
- Develop materials for periodic IT Risk Awareness training sessions.
Client and Stakeholder Management:
- Engage with various IT functions regionally and globally.
- Interface with operational risk management (CRO) and local legal and compliance teams.
- Build and maintain strong relationships with key stakeholders, including IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture, and Project Managers.
Business Management:
- Collaborate with local stakeholders, CRO functions, and global IT Risk Management and Information Security teams.
- Establish and maintain effective relationships with business units and stakeholders.
Regulatory and Compliance:
- Demonstrate ethical behavior and compliance with values such as honesty, integrity, and diligence.
- Ensure adherence to standards related to fair dealing, conflict of interest management, competence, continuous development, and risk management.
Skills and Qualifications:
Personal and Social Skills:
- Strong communication skills (oral, written, presentation).
- Ability to work effectively under pressure and independently.
- Excellent relationship management and conflict resolution skills.
Professional and Technical Skills:
- 7 to 9 years of experience in IT, Risk Governance, Security, or Audit roles.
- Experience in banking, particularly Wealth Management, with a solid understanding of business functions.
- Strong technical skills with knowledge of IT delivery, implementation, and system design.
- Preferred certifications: CISSP, CISA.
Regulatory Knowledge:
- Familiarity with the regulatory environment in Singapore and Hong Kong.
- Experience interacting with regulators is a plus.
To Apply:
For a confidential discussion regarding your next Technology role, please submit your resume (in MS Word format) to Sheralynn Tjioe at [email protected], quoting the job title. We regret that only shortlisted candidates will be contacted.
Registration No.: R1878306 License No.: 16S8060