M23 - IT Risk Management

Job Title: M23 - IT Risk Management
Contract Type: Permanent
Location: Singapore, Singapore
Salary: Negotiable
Start Date: 04/09/17
Reference: 533285_1501817801
Contact Name: Dhvani Anjaria
Contact Email:
Job Published: August 04, 2017 04:36

Job Description

  • With an enviable reputation as one of the world's most diverse and widely situated financial institutions, the Singapore operation locally continues to offer a rewarding and expansive array of career opportunities. The CIB performance management team partners with different stakeholders and is seeking to appoint a seasoned segment finance specialist.


  • Policy sets the strategic direction that guides the organization toward objectives and goals, building a culture focused on controlled, business aligned services. In Information Technology, policy cover all aspects of the IT organization - from software acquisition and development to security to disaster recovery to operational management.
  • An IT policy and its supporting standards defines the controls and requirements necessary for proper security, management and practices
  • The role is expected to work with business, functional IT teams, Process Owners, Risk & Control, Group OR and other key stakeholders to develop a coherent policy and procedure framework which is easily accessible to all employee
  • Responsible for all aspects of the Policy Lifecycle which include:
  • Identifying the gross risks the policy is designed to address, creating new policies, reviewing and amending existing policies
  • Identifying and consulting key stakeholders regarding the application and cost-benefit trade-offs of the policy, ensuring practicality of implementation

Key Roles and Responsibilities

  • Benchmark standards and set policy with industrial standards for process design
  • Design policy, procedures and standards aligned to overall business and technology objectives and applicable laws and regulations, leveraging common control Develop an internal policy framework based upon specific business requirements and practices. Documentation to articulate specific controls should be developed to guide operational procedures.
  • To manage and maintain the Technology policy and procedures in line with the Governance framework, regulatory requirements, and industry standards.
  • Lead the redocumentation of the Group Technology policy documentation by ensuring all documents accurately reflect the bank's structure;
  • Drive developments and implementation of new Technology Policies and Procedures
  • Review any changes to regulatory, internal and external environments and their impact on policies, define policy requirements and set the policy and control standards
  • When Policies and procedure change, consult with the relevant Process Owner to ensure appropriate process and controls are installed prior to launch
  • Involve other operational groups - audit, legal, IT units to provide feedback on the IT "Service" oriented practices as well as regulatory and industry compliance requirements

Qualifications and Skills

  • At least 8 years of experience in managing Technology policies & procedures within a banking environment, including demonstrated ability to write Technology policy & procedure documentation
  • At least 5 years of experience in the regulatory field including experience in dealing with regulators
  • Degree in Information Technology or Computer Engineering
  • Operational knowledge of application development and infrastructure management
  • Practical knowledge of IT governance, risk and audit framework, and standards, e.g COBIT, ISO27001, ISO38501
  • MBA degree with consulting experience preferred
  • A strong understanding of the global regulatory environment
  • Strong analytical skills.
  • Strong delivery/programme management skills
  • Good judgment enabling the provision of sound advice in difficult areas of law, regulation and practice and the proactive management of compliance and regulatory risk.
  • Willingness to contribute in the development of new strategic frameworks, being a clear
  • Sharp business acumen, including the ability to assess risk.

All enquiries to Dhvani on or +65 3157 1209