AVP/VP, IT Risk
- Permanent, Full time
- GIC Private Limited
- 16 Dec 17 2017-12-16
The Technology Department is a key enabler to keep our business moving forward and is constantly exploiting state-of-the-art information technologies to enhance GIC’s ability to be the leading global long-term investment firm. We aim to provide users with empowering and transformational capabilities, and to create an inclusive, innovative and integrated work environment. This role will focus on IT Risk, with the primary objective to promote prudent IT risk management and enable GIC to harness the full benefits of technology in a secure manner and in alignment with our operational risk appetite.
•Be the subject-matter expert on IT Risk matters relating to people, process and technology;
•Be our ambassador to drive an effective IT risk management program and culture (e.g. managing security awareness articles and conducting regular awareness training for staff on policies / processes relating to IT risk management and IT security standards);
•Support the implementation of IT risk management framework, and keep the relevant policies and standards up to date;
•Review IT security, audit and operational risk issues to identify root causes and trends, and recommend appropriate remediation;
•Identify and assess emerging risks, and devise effective mitigating controls together with stakeholders;
•Facilitate and conduct IT risk management and assurance activities (e.g. risk assessment, control self-assessment) for a wide-range of projects, processes and services;
•Coordinate for both internal and external IT audits.
•A Honors degree preferably in Information Technology or equivalent with 5 to 10 years of relevant working experience in the asset management or finance industry;
•3 to 5 years of experience in IT risk management or security;
•Good self-initiative, meticulous, versatile, a good team player with good interpersonal skills;
•Sound technical background, strong analytical and problem solving skills; good communication skills and experience presenting to senior management;
•Experience in data analytics.
It will be an added advantage if you possess:
•A major in IT risk management or IT security related areas
•Professional qualification such as CGEIT / CRISC / CISM / CISSP
•Experience in using Governance Risk and Compliance (GRC) systems