Job Description

Sygnum Singapore is a digital asset-focused fund manager, operating under a Capital Markets Services licence from the Monetary Authority of Singapore. With our suite of asset management offerings, we enable accredited and institutional investors to build exposure to digital assets within their portfolios with complete trust. Together with Sygnum Bank AG, the world’s first digital asset bank, our interdisciplinary team of banking, asset management and Distributed Ledger Technology experts in Switzerland and Singapore are shaping the future of a globally trusted digital asset ecosystem.

We are looking for a passionate Information Security Risk Manager to join our growing, high impact team in our office in Singapore.

Here, you will identify, assess, and treat risks to the confidentiality, integrity, and availability of our organization’s assets, hence, treat risks per our organization’s overall risk tolerance. You will work on external and internal facing applications and cloud services, and play a key role in taking Sygnum’s tokenization products to the next level! You will be joining an amazing team working on new ways to optimize our security practice, solving the challenges that impact the whole Sygnum group.

Tasks

• Provide information risk and security subject matter expertise inputs and assessments to our IT and business teams in support of their risk management activities.
• Support the Information Risk & Control assessment process and provide subject matter expert input relating to all aspects including IT risks, security measures, controls, and remedial actions.
• Support definition and improvement of information and security risk requirements and collaborate with our Corporate IT Services and the rest of IT and the Bank to prioritize new feature or control development.
• Oversee information security audits, whether by performed by the Bank or third-parties.
• Support our culture development of information and security risk awareness, hence, good conduct through supporting regular communications, awareness, and training.
• Collaborate with various Business and IT teams to translate business and security requirements into IAM requirements for all types of accounts and IT assets.
• Assist Corporate IT Services to align business roles to access and provisioning needs.
• Support design and alignment of IAM policies and processes across the group, and support documentation of guidelines.
• Identify and evaluate risks on IAM processes, implement internal controls to mitigate risks, and identify opportunities for internal control improvement.
• Design controls to ensure that IAM procedures are followed and evaluate effectiveness.
• Create rules and processes for automation to integrate application provisioning with the needed security and approval controls.
• Support design and implementation of policies and automation tasks for monitoring and recertification of accounts.

Requirements

• 5+ years of professional experience in information risk frameworks and management, information security/cybersecurity frameworks and management and IT audit, preferably in a mid/large-sized financial institution.
• Experience in Identity and Access Management best practices and IT risk and security management in cloud environments.
• Strong knowledge of IT legislative/regulatory requirements (e.g. PDPA, MAS TRM)
• Education in the field of information risk management and auditing (CISA, CISM, CRISC, CIA, CRMA, FRM)
• Technical or business degree (Uni/FH) or experience in the regulated Financial Services sector.
• Proven communication and interpersonal skills, including multi-stakeholder management.
• Strong communication skills, written and verbal in English.
• Understanding and knowledge of digital assets, hence, some experience working in Agile, or DevSecOps models is a plus.

If you’re additionally passionate for technology and blockchain with a massive worldwide impact, then please send us your CV!