Job Description

About the client

With a legacy of more than 130 years across the globe, our client has been focusing on one thing: helping people achieve their financial goals. As a global wealth manager, they understand your needs, and take the long view when it comes to your assets. Whether you\'re starting a company, planning for your retirement, or want to ensure your loved ones will be taken care of in the future; their experts will help find the solution that is right for you.

They are one of the largest key wealth management providers in the region. Their Asia footprint covers major cities in the region including booking centres in Hong Kong and Singapore, offices in Shanghai, Mumbai and other key cities in India as well as joint ventures with a Leading Commercial Bank in Thailand and Japan.

They understand the needs of high and ultra-high net worth individuals in the region and are well positioned to serve them and their families for the long term.

About the role

IT Risk Management is a regional function in Asia responsible for technology risk governance and management. This function works in close collaboration across IT to foster strong risk culture and awareness. Primary responsibilities include risk management activities with the aim to continuously strengthen IT operational /security posture and provide risk transparency to our management.

Service Offering

• Support the rollout of IT risk management strategy, framework and standard(s) in Asia
• Manage day to day IT Risk management activities in Asia including:

o Maintenance of the central risk register
o Tracking of risk mitigation plans and
o Follow up on risk remediation and/or mitigation plans * Responsible for preparation of risk reporting to IT Risk Management Forum as well as Operational Risk Committees in Singapore and Hong Kong.

• Perform regulatory (MAS and HKMA) and security related assessments, review technical control effectiveness, identify gaps and follow up on actions
• Perform and execute internal control plans
• Review application security concept design as part of project implementations
• Work with external and internal audit to support fieldwork and tracking of IT related audit items
• Handle routine security related tasks e.g. password management, review of requests
• Drive a positive risk culture through training, communication and collaboration
• Prepare materials for periodic IT Risk Awareness trainings

KEY FEATURES OF THE POSITION

IT Risk Management

• Maintain the central risk register for Asia
• Support and assist risk owners to develop risk mitigation/remediation strategies for High, Medium and Low risk items
• Maintain oversight of risks mitigation / remediation plans of High, medium and Low risk items
• Work closely with IT Project Managers to identify, mitigate and treat residual risks arising from projects
• Collaborate with Information Security function to support implementation and/or mitigation of Cyber risks
• Prepare risk reporting materials to be presented at IT Risk Management Forum and Operational Risk Committees
• Perform Internal Control validations and highlight exceptions for remediation
• Track, monitor and report on status of Controls
• Provide IT risk awareness trainings

Support IT teams in responding to external and internal audit queries. * Review audit reports and provide audit responses

• Track audit remediation plans to ensure timely and proper closure of IT audit points

KEY FEATURES AND ACCOUNTABILITIES

Client Management (internal & external)

• Various IT functions, both regionally and globally
• Operational risk (CRO)
• Local Legal and Compliance functions

Business Management

• Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
• CRO functions including Business Operational Risk, Information Security and Compliance functions
• Global functions IT Risk Management , Information Security
• Establish strong relationship with key stakeholders

Regulatory Responsibilities &/OR Risk Management

• Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

SKILLS REQUIREMENTS

Personal and Social

• Good communication skills covering oral, written, presentation, facilitation
• Ability to work under stressful environment
• Independent and self-driven
• Strong relationship management and conflict resolution skills
• Good and clear communication

Professional and Technical

• 5 to 7 years of experience, in the areas of Information Technology, Risk Governance or Control, Security or Audit related functions
• Banking experience, preferably in Wealth Management. Sound understanding of various business functions
• Strong technical skills. Experience in IT delivery or implementation and having a good understanding system design is a plus
• Independent worker, team player
• Preferred certification: CISSP, CISA

Regulatory

• Familiar with local regulatory environment in Singapore and Hong Kong

Experience in interaction with regulator preferred

Hyred