IT Business Assurance & Risk, Assistant Vice Presdient

  • Not Specified
  • Singapore
  • Permanent, Full time
  • State Street
  • 23 Oct 17 2017-10-23

Take up Project Manager role in substantial IT projects throughout the development cycles; ensuring the quality level and timeliness of service delivery and managing discussion with global or regional heads of business and corporate functions

Across the globe, institutional investors rely on us to help them manage risk, respond to challenges, and drive performance and profitability. We keep our clients at the heart of everything we do, and smart, engaged employees are essential to our continued success.

Our promise to maintain an environment where every employee feels valued and able to meet their full potential infuses our company values. It’s also part of our commitment to inclusion, development and engagement, and corporate social responsibility. You’ll have tools to help balance your professional and personal life, paid volunteer days, and access to employee networks that help you stay connected to what matters to you. Join us.

State Street is an Equal Opportunity Employer, and prohibits discrimination against applicants or employees on the basis of any legally protected characteristics.

Job Description

Job Summary:

  • Conduct information risk self-assessments driving response accuracy, consistency, and timeliness

  • Take up Project Manager role in substantial IT projects throughout the development cycles; ensuring the quality level and timeliness of service delivery and managing discussion with global or regional heads of business and corporate functions

  • Work with IT audit for internal and external compliance assessments.  Provide support to FLoD to ensure timely resolution of CATS and remediation items.  Ensure sufficient quality to support closure of regulatory or audit items.

  • Facilitate and oversee remediation of CATS and self-identified issues and provide consultation to process and control owners on management responses, risk remediation methods, and implementation plans.

  • Identify, timely communicate, and monitor high risk observations and technology risk incidents to SLoD and Executive Management.  Escalate to Risk Committees, APAC COO, CIO and/or CRO as appropriate.

  • Service provider/vendor management

  • Lead the efforts for effective IT risk governance, IT risk management and reporting in GTS APAC in partnership with the different global GTS Business Assurance teams and in alignment with the global strategic direction.

  • Participate in industry-related forums and training activities to stay current with risk management practices


  • Provide coordination, facilitation and intelligence as needed for all IT regulatory compliance activities (i.e., conducting compliance testing to ensure IT units operate within governing policies and procedures).

  • Perform work independently on general assignments and within scope of established guidelines and practices and consult with senior staff where clarification or exception to policy may be required and may provide functional guidance to less experienced staff.

  • Participate in risk management and compliance projects and activities

  • Support team strategy and direction to meet client needs through the understanding of their business

  • Communicate the highest priority initiatives to keep the leadership team focused on the right outcomes

  • Manage own professional and career development

  • Support team development through training and coaching and encourage experiential and other learning opportunities

  • Support a collaborative cross-business environment that fosters change utilizing the Change Management Framework

  • Execute risk and control procedures on a day-to day basis

  • Identify and escalate as appropriate any process and control deficiencies to management

  • Perform other duties as required



  • Bachelor’s degree in Business Information Technology or equivalent

  • Over 5 years of IT, Information Security, Risk Management and/or Audit experience

  • Knowledge of IT control frameworks, risk management practices and regulatory requirements

  • Professional security certificate holder such as CRISC (Certified Risk and Information Systems Control), CISA (Certified Information systems Auditor) certifications or equivalent, CISSP or equivalent

  • Excellent communication skills (verbal & written), with ability to write effective management reports

  • Ability to manage multiple tasks for senior leaders and demonstrate analytical and documentation skills

  • Ability to set own strategic goals and work with minimal supervision

  • Establish and nurture a culture of ‘Risk Excellence’ within the team

  • Proven ability to translate complex regulations


  • Solid experience in Technology Risk Management including Singapore MAS & CAS, Australia APRA and HKMA’s Cyber Risk Assessment Framework

  • Financial services experience is a plus

  • Additional languages of Asian countries would be preferred. Knowledge of Mandarin is an advantage.