IT RISK OFFICER - CONTRACT

Professional and Technical

• 6 to 7 years of experience in Information Technology, Risk Governance, Control, Security, or Audit functions.
• Banking experience, preferably in Wealth Management, with a sound understanding of various business functions.
• Strong technical skills, with experience in IT delivery, implementation, and a good understanding of system design.
• Independent worker and team player. Preferred certifications include CISSP and CISA.

Regulatory

• Familiar with the local regulatory environment in Singapore and Hong Kong.
• Experience in interacting with regulators is preferred.

Service Offering

• Manage IT regulatory remediation projects and validate IT remediation actions.
• Support the rollout of IT risk management strategies, frameworks, and standards in Asia.
• Support daily IT risk management activities in Asia, including maintaining the central risk register.
• Track risk mitigation plans and follow up on risk remediation and mitigation.
• Assist in preparing risk reports for IT Risk Management Forums and Operational Risk Committees in Singapore and Hong Kong.
• Perform regulatory (MAS and HKMA) and security assessments, review technical control effectiveness, identify gaps, and follow up on actions.
• Implement and execute internal control plans.
• Review application security concept designs during project implementations.
• Collaborate with internal and external auditors during fieldwork and track IT audit items.
• Handle routine security tasks such as password management and request reviews.
• Promote a positive risk culture through training, communication, and collaboration.
• Prepare materials for periodic IT Risk Awareness training sessions.

Regulatory Responsibilities &/OR Risk Management

• Ensure ethical and compliant behavior within the area of responsibility, demonstrating values such as honesty, integrity, due care, fair dealing, conflict management, competence, continuous development, risk management, and legal compliance.