IT & Operational Risk Specialist (ID: 578728)

Key Responsibilities

• Support the Head of TORM to develop, implement and maintain the framework (policies and procedures, templates) for Operational Risk Management (“ORM”) and its underlying sub-risk types and monitor the adequacy of the framework. Examples of ORM sub-risk types include business resiliency, technology, third party and outsourcing and new product
• Act as subject matter expert and advise on the implementation of the ORM framework including risk assessments, due diligence assessments and policy dispensations
• Initiate and oversee risk and control activities such as business process mapping, risk and control self-assessment (“RCSA”) and Business Continuity Management (“BCM”) testing
• Conduct risk assessments of technologies or processes where required, e.g. Business Impact Analysis (“BIA”), third party and outsourcing due diligence, new product assessment, etc.
• Facilitate the risk acceptance process that evaluate risk and compensating controls, identify risk owners and set conditions on risk acceptance and obtain approval
• Monitor new regulatory requirements and conduct gap analysis against new regulations/ guidelines and the ORM framework to ensure compliance
• Monitor changes to fraud landscape, industry (e.g. digital banking, fintech and payment) practices and technologies; and enhance the fraud risk strategy to ensure the firm implements adequate controls across FRM to address these changes
• Develop and provide training for employees to promote risk awareness and ensure relevant employees are trained on the policies for OR and its sub-risk types
• Define and propose risk management metrics (e.g. key risk indicator/ key control indicator) to monitor the risk and control environment; and periodically report to the risk committees to support senior management in risk oversight and governance
• Monitor that employees/ personnel and service providers implement controls that achieve the ORM’s objectives and is sustainable including the appropriateness and effectiveness of processes for the identification, management and control of OR risks
• Identify and report high risk, emerging risk trends and key issues to risk committees.
• Support internal and external audit/ assessment engagements
• Participate in IT, information and cyber security incident response and review the incident reports submitted to regulators
• Monitor and provide oversight on issues and remediations
• Design, implement and maintain risk management tools

Job Requirements

• Bachelor's degree in science, mathematics, engineering, computer or information systems or related discipline
• 6+ years of experience in either risk management, information security, advisory, audit or compliance in technology and operational areas preferably within the financial industry
• Familiar with operational and technology risk regulatory and legislative requirements (e.g. MAS Notice 644, Notice 655, TRM guidelines, Guidelines on Risk Management Practices, Business Continuity Management Guidelines, Guidelines on Outsourcing, Cloud Advisory, Banking Secrecy Act, Cyber Security Act and Personal Data Protection Act)
• Professional certification such as CISSP/ CISA/ CISM/ CRISC/ CDPSE will be an added advantage

We apologize that only shortlisted candidates will be contacted. Thank you

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates collecting, using and disclosing my personal data for the purposes set out in the Privacy Policy which is available at www.persolkelly.com.sg  I also acknowledge that I have read, understood, and agree to the said Privacy Policy.

PERSOLKELLY Singapore Pte Ltd • RCB No. 200007268E

EA License No. 01C4394 • EA Registration No. R1988656 (Wong Mei Cher)