Divisional Risk and Controls Specialist - Manager

  • Negotiable
  • Singapore
  • Permanent, Full time
  • ITPM Consulting
  • 08 Aug 18

The IT Risk and Control Manager is responsible for leading and delivering specific aspects of the risk and control strategy for Group Chief Information Office (Group CIO). This includes the proactive management and timely resolution of risks and regulatory issues impacting the division, leading problem solving for complex control issues, articulating risk management discipline and remediation to both senior and peer audiences across the division, and promoting sustainable approaches to risk and regulatory resolution.

The IT Risk and Control Manager will have the opportunity to:

  • Establish and lead proactive management and timely resolution of the risk and regulatory compliance portfolio affecting technology / Group CIO
  • Develop and lead structured problem solving for control issues, and ensure resolution plans are sustainable and lead to timely resolution through the development of S.M.A.R.T resolution plans
  • Challenge risk and control weaknesses tactfully and provide advice to the 1LOD / business line on sustainable risk remediation options or strategies arising from weaknesses, errors and external event demands
  • Lead the execution of structured independent risk and control reviews (e.g. Design and Operating effectiveness testing), and review of proposed remediation strategy
  • Act as the key independent advisory, escalation and contact point for risk topics, and ensure issues receive the correct first and second line of defence (1LOD/2LOD) and senior management focus
  • Clearly articulate and communicate complex technology risk topics for effective resolution and awareness in line with the Bank’s Operational Risk Management (ORM) policies
  • Actively contribute to the design of risk and control programmes and policies in line with the defined risk and control strategy, and risk appetite / tolerance
  • Identify and propose optimisations and innovations towards simplification potential and standards
  • Strong understanding of timely escalation, impact of risk events, remediation and lessons learnt to facilitate reduction of operational losses or near misses
  • Chair and/or lead risk forums to govern overall risk and regulatory portfolio, and effective ORM processes

Establishes positive risk culture and drives behavioural change

  • Candidates with at least 5 years in audit, and/or risk and regulatory compliance management with a global MNC, and with a proven strong track record in at least one of the areas below, are highly preferred:
    • Successful resolution / positive outcome on APAC technology regulatory topics
    • Regulatory and Audit management framework
    • Regulatory compliance assessment
    • Thematic risk and control assessment / Risk Profiling
    • Risk control framework and processes
    • Audit / regulatory finding management and resolution
  • Excellent communication skills, with the ability to articulate complex topics to a wide audience across multiple regions, divisions and business lines in a way that leads to effective resolution
  • A background demonstrating excellent independent problem-solving skills for diverse issues is a major plus
  • Excellent problem solving skills for a wide variety of topics
  • Tactful, self-motivated and pleasant personality
  • Bachelor’s degree from an accredited college or university (or equivalent) and/or relevant practical experience
  • Relevant accreditations in risk management such as CRISC, CISM, CISSP would be a plus