IT Governance Specialist (Audit / GRC / VP / Attractive Bonus / Central / Permanent Role)
We are seeking an experienced IT Governance Specialist (GRC) at the Vice President level to strengthen our IT risk management, governance, and compliance capabilities. The ideal candidate will have a strong background in IT audits, regulatory compliance, and risk management within the financial services sector. This role serves as a key advisor to senior management and a central point of contact for all IT audit and compliance activities.
Responsibilities
- Lead and manage a high volume of audits, ensuring timely completion and quality of work.
- Manage Key Risk Indicators (KRIs) and Internal Testing/ITE activities.
- Develop, enhance, and implement IT and cybersecurity policies, processes, and procedures to address audit findings and elevate process maturity.
- Oversee the testing, monitoring, and enforcement of IT and cyber risk controls.
- Advise senior management on IT and cybersecurity risk issues, including updates on MAS guidelines and regulatory changes.
- Drive IT risk awareness across Technology teams, ensuring alignment with organizational risk posture.
- Collaborate with internal stakeholders to identify, review, and streamline IT and cyber risk management processes.
- Assess risks and control gaps using MAS TRM, Cyber Hygiene guidelines, and other frameworks; work with Line 2 and Security teams to strengthen controls and policies.
- Communicate and provide guidance on new or updated IT policies and standards.
- Contribute strategic and innovative ideas to enhance the IT governance framework.
- Lead, coordinate, and manage all IT-related audits and regulatory inspections.
- Review audit findings with key stakeholders to determine root causes, define action plans, and validate remediation efforts.
- Act as the first QA checkpoint for IT audit, risk, and compliance responses.
- Prepare and follow up on monthly metrics and reports for governance committees such as ERC, RMC, EXCO, MAS EWI, and MAS ITQM.
- Handle MAS RFIs (Requests for Information) and support regulatory submissions.
- Serve as the primary liaison for IT audits and risk/compliance engagements, providing support for business audits involving IT components.
- Manage the full audit lifecycle, including kick-off, RFIs, fieldwork, reporting, and closure of findings.
Requirements
- Minimum of 12 years of experience in risk management, including at least 8 years in IT audit, IT risk, or IT compliance roles within an IT control function (preferably in financial services, banking, or payments).
- Candidates with backgrounds in IT governance, IT audit, or IT regulatory compliance who are keen to transition into IT risk management are also welcome.
- Strong hands‑on experience in audit management.
- Knowledge and experience in Risk Management (KRIs, ITE) and regulatory compliance, especially MAS and CCoP requirements.
- Strong knowledge of regulatory requirements and industry frameworks (e.g., NIST, MAS TRM, MAS Cyber Hygiene, ISO 27001).
- Proven experience working with external auditors and regulators such as MAS.
- Excellent writing, communication, and interpersonal skills.
- High attention to detail with the ability to review IT policies, processes, and audit deliverables thoroughly and accurately.
How to apply
Interested candidates may click the Apply Now button or send an updated resume (in MS Word format) to jackyooi@careerally.com.sg
We regret that only shortlisted candidates will be notified.
Careerally Pte Ltd | EA Licence: 24C2215
Ooi Chuan Yi (Jacky) | EA Registration No: R24122948