Technology Risk Manager

Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia

StashAway

StashAway, a MAS-licensed investment platform in Singapore, offers low-fee wealth management for all investors. Explore best robo advisor in Singapore today!


The Technology Risk Manager is a self-motivated, IT-savvy and collaborative individual playing a vital compliance and oversight role on our Technology team. 

As the 1.5 Line of Defence for the Technology team, you are responsible for the maintenance and enforcement of information security policies, standards, and guidelines for our technology platform’s services and infrastructure components. In addition, you will closely support colleagues across departments to ensure security and efficient business continuity.


To succeed in this role, you will need:

  • A strong understanding of risk management principles and practices.
  • Strong communication skills, with the ability to convey technical content in business language to the Chief Compliance & Risk Officer (CCRO) and senior management.

IT Security & Risk Management

  • Ensure compliance with the regulator’s Technology Risk Management guidelines and Personal Data Protection Laws group-wide.
  • Work with various departments to ensure adequate Business Continuity Planning (BCP) and Disaster Recovery (DR) plans are established and tested.
  • Maintain, track, and update our Policies and Procedures, IT risk register and control procedures to address known security vulnerabilities.
  • Maintain security training & awareness across the organisation.
  • Ensure Data Protection is embedded into our data lifecycle.
  • Undertake new projects to improve security controls, while maintaining efficiency of operations.
  • Proactively ensure the highest levels of systems and infrastructure availability.
  • Act as a subject matter expert to assist business units (BRCs) and cross-functional teams in identifying, assessing and mitigating information security risks.
  • Discuss control solutions with IT engineers and co-ordinate with the Risk team and other control functions.
  • Develop and maintain our Key Risk Indicators (KRIs) for technology and security risks and report to the Head of InfoSec and the CCRO.
  • Prepare documentation and reports for the CCRO and Risk committees.

Incident Management

  • Support the CCRO in performing reviews and root-cause analyses, with the Product and Engineering teams, on the technology aspects of incidents reported in the repository.
  • Follow through on remediation of findings and incidents by coordinating with Business Risk Coordinators and the CCRO.

Requirements

  • 8-10 years of relevant experience in technology governance, risk & compliance or IT Audit.
  • Relevant professional certifications (e.g. CISA, CRISC, CISM, CISSP).
  • Knowledge of SG (MAS) & MY (SC) requirements on Technology Risk is an advantage.
  • Able to provide effective challenges and recommendations whilst building strong, respectful relationships across different functions.

Benefits

Employee financial and physical well-being

  • Compensation package: You will receive a competitive total compensation package that includes employee stock options if you are a full-time employee.
  • Comprehensive insurance coverage: Free panel outpatient GP clinic visits, group hospitalisation and surgical insurance, and Covid hospitalisation insurance coverage (conditions apply).
  • Management fee discount: You will receive an employee discount on your asset management fees when you invest with StashAway.

Flexible work arrangements and policies

  • Work-from-home policy: You may choose to work from home or the office depending on what works best for you and your team.
  • Work-from-anywhere policy: You may request to work remotely for up to eight weeks in another country.
  • Unlimited paid annual leave: It should be simple for you to decide if you would like to take more or fewer days off. We trust that you are accountable for your work and know best if you need 10 or 30 days of paid annual leave that year.
  • Personal work equipment budget: It’s important that you have a workstation that’s optimal for you wherever you are.


Learning and development opportunities

  • Annual L&D budget: You will be given an annual Learning and Development budget to help you continuously learn in your pursuit of your professional and personal development. You may use the budget for resources and tools that may help you perform better at work.
  • Discount on selected postgraduate courses with INTI: You will receive a 40% discount for the courses you enroll in. Your spouse or children are entitled to a 16% discount for courses they enroll in.


Team bonding budget and initiatives

  • Quarterly team bonding budget: We encourage you to socialise with colleagues across job functions, departments, and entities to know them better as individuals beyond what they professionally do.
  • Annual off-sites (Oct): Each off-site gathers all employees for a full day of company-wide team bonding activities and challenges.

Tags: Audits CISA CISM CISSP Compliance CRISC Governance Risk management Vulnerabilities

Perks/benefits: Career development Competitive pay Equity / stock options Flex vacation Gear Team events Unlimited paid time off

Region: Asia/Pacific
Country: Malaysia
