IT Risk & Governance Manager

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.

IT Risk Management is a regional function in Asia responsible for technology risk governance and management. This function works in close collaboration across IT to foster strong risk culture and awareness. Primary responsibilities include risk management activities with the aim to continuously strengthen IT operational /security posture and provide risk transparency to our management.

• Close collaboration with CRO function to align internal control plans, managing/tracking/reporting of operational risks
• Close collaboration with Information Security function to support implementation and/or mitigation of Cyber risks
• Work closely with IT Service Owners to identify, mitigate and treat IT risks
• Work closely with IT Project Managers to identify, mitigate and treat residual risks arising from projects
• Maintain the IT Risk Register. Work closely with Risk champions to identify risks, track and monitor risk action plans, review risk treatment proposals and support closure of remediated risks
• Provide risk awareness training to IT Staff
• SPOC for all internal and external audits. Support fieldwork including review and collection of audit documentation, review audit reports and provide audit responses
• Track audit remediation plans to ensure timely and proper closure of IT audit points
• Cascade technology regulatory changes and work with IT function heads to remediate or mitigate risks/gaps arising from assessments or review
• Responsible for execution and quality review of IT Internal Control Plans
• Oversight on end of life technology, patch management and end user computing guidelines and compliance

• Individual Contributor
• Coaching

• Various IT functions, both regionally and globally
• Operational risk (CRO)
• Local Legal and Compliance functions

• Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
• CRO functions – including Business Operational Risk, Information Security and Compliance functions
• Global functions – IT Risk Management , Information Security
• Establish strong relationship with key stakeholders

• Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

• Associate Director (AD)

• Good communication skills covering oral, written, presentation, facilitation
• Ability to work under stressful environment
• Independent and self-driven
• Team player
• Strong relationship management and conflict resolution skills

• Between 5 to 10 year of experience in IT risk management and preferably in the banking industry. Wealth Management experience will be an advantage
• Strong technical knowledge
• Good understanding of business and IT processes. ITIL certification preferred
• Strong understanding of the technology regulatory framework in Singapore and Hong Kong

• Familiarity with technology regulatory framework and guidelines

• Report to Head IT Risk Management Asia

We are looking forward to receiving your full job application through our online application tool.