Job Description

Our client, a prominent commercial bank in Asia, is looking to hire a seasoned and qualified Senior IT Governance & Risk Manager.


The Senior IT Governance & Risk Manager is responsible for overseeing IT governance and ensuring a robust cybersecurity posture across the Branch. This role ensures that IT systems, operations, and processes align with regulatory requirements, industry best practices, and internal policies. Key responsibilities include developing and implementing IT risk frameworks, conducting risk assessments, managing audits, and fostering a culture of compliance. This position plays a critical role in safeguarding the Branch's technology environment and supporting overall business resilience.

Key Responsibilities:

Risk Identification & Assessment

Identify, assess, and prioritize IT-related risks (e.g., system disruptions, data breaches, reputational exposure). Develop and implement mitigation strategies to minimize potential impact.

Compliance Management

Ensure that Branch and IT operations comply with regulatory, legal, and internal requirements. Develop, review, and maintain IT compliance procedures and guidelines.

Policy Governance

Maintain the Branch's IT risk and security policy framework in alignment with corporate and regulatory expectations. Ensure policies are regularly reviewed, updated, and effectively communicated across stakeholders.

Risk Monitoring & Reporting

Monitor the effectiveness of internal controls and escalate IT risk or security incidents promptly. Prepare regular reports and dashboards on IT risk exposure and compliance status for senior management.

Security Awareness & Training

Promote IT risk awareness across all departments. Provide guidance on regulatory compliance and IT security best practices.

Third-Party Risk Management

Assess and monitor third-party vendors' cybersecurity readiness and compliance with contractual and regulatory obligations.

Audit & Regulatory Engagement

Serve as a liaison for internal/external audits and regulatory inspections. Coordinate remediation efforts for any identified gaps or risk findings.

Business Continuity Management

Oversee annual disaster recovery testing for all critical systems and ensure alignment with business continuity requirements.

Key Stakeholders:

All internal departments within the Branch Head Office and Head Office Information Security Relevant Head Office stakeholders External IT vendors and service providers

Requirements:

Bachelor's Degree in Computer Science, Information Technology, or a related discipline Minimum 15 years of experience in IT risk management, cybersecurity, compliance, and audit--preferably within a financial institution Strong knowledge of MAS Technology Risk Management Guidelines Professional fluency in English and Mandarin (to liaise with Mandarin-speaking counterparts at Head Office)

Relevant certifications preferred:

Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Ethical Hacker (CEH)

Application Process:

Interested candidates should submit their resume to Oliver Lim at Oliver.Lim@empowerpartners.sg, quoting the job title. Only shortlisted candidates will be contacted.


License No: 24S2395


Registration No: R1657051