Job Description

Responsibilities:


Conduct regular risk assessments and continuous monitoring of technology risks, including emerging threats and new technologies. Evaluate and manage risks associated with third-party service providers and business partners. Perform Risk Control Self Assessment and Control Testing to evaluate the design and operating effectiveness of key controls. Recommend and implement improvements to mitigate identified risks Communicate technology risks and mitigation strategies to relevant stakeholders, ensuring transparency and alignment. Prepare and present reports on technology risk matters to Line 2 Technology Risk Oversight. Provide expert advice on technology risk management, supporting audits and regulatory inspections. Stay updated on industry-leading practices, regulatory changes, and control frameworks (e.g., MAS TRM, ISO 27001). Propose and implement enhancements to technology risk management processes. Participate in business-as-usual (BAU) activities and special assignments as delegated. Provide coverage for team members during absences.

Requirements:


Diploma or degree in Computer Science, Information Technology, or related field. Minimum 5 years' relevant experience, preferably in insurance, financial services, or IT audit. Strong understanding of MAS Technology Risk Management, Cyber Hygiene, Outsourcing, and Business Continuity Management requirements. Familiarity with control frameworks (COBIT, NIST CSF, ISO 27001). Practitioner and holder of IT risk certifications (CISSP, CISA, CRISC). Proficiency in office productivity tools and business intelligence platforms (Microsoft Office, PowerBI, Archer, Tableau). Demonstrated ability to analyze risk and control issues, challenge the status quo, and drive pragmatic solutions. Good interpersonal, communication, presentation, and writing skills. * Meticulous, independent, and collaborative work style.