IT Risk & Control delivers overall technology governance and control framework to support technology operations. Objectives of the team are to: Maintain and monitor the Regional and Global Technology Control Environment for adherence to the Governance Framework.
Nomura is an Asia-headquartered financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its four business divisions: Retail, Asset Management, Wholesale (Global Markets and Investment Banking) and Merchant Banking. Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com.
IT Risk & Control delivers overall technology governance and control framework to support technology operations. Objectives of the team are to:
- Maintain and monitor the Regional and Global Technology Control Environment for adherence to the Governance Framework.
- Facilitate the design and operation of appropriate controls to allow Technology to operate efficiently and effectively while ensuring requirements of Technology Management, Internal and External Audit, Regulatory Bodies, Compliance, Legal and Risk controls are met.
- Advise Technology management and staffs on Governance, Risk, and Control best practice.
- Responsible for Singapore and South Asia IT Risk & Control operations
- Perform IT risk assessment to identify potential risks and develop mitigating controls
- Support global IT policies & standards buildout and reviews, and monitor compliance of IT operations.
- Improve overall IT Risk & Control awareness of IT staffs
- Coordinate internal and external audit, and technology related regulatory assessments
- Monitor technology projects for adherence to governance policies and processes
- Develop technology MIS reporting (e.g. KRI, operational KPI, Control Dashboard)
- Coordinate global / regional technology control improvement programs
- Liaise and work closely with senior management and key business stakeholders
Key Experience & Skills
- Graduate Degree, Information Technology degree or relevant qualification
- Minimum 8 years of relevant IT Risk & Control experience within Investment Banking or related environment
- CISA, CISM, CRISC, CISSP, or other IT governance, risk, or audit or security professional qualification
- Fluent spoken and written English
- Excel (Marco), Business Objects Reporting, Visio, Power Point, GRC tools, ServiceNow
- Experience in design and supporting IT Governance, IT General Control, IT Security, Audit or Technology compliance framework.
- Strong understanding of Singapore MAS & SGX Technology Related Regulatory Requirements, as well as other regulator and control requirements (e.g. BASEL II, SOX 404, RBI, SEBI) in relation to best practice governance and risk management of Technology environments,
- Experience in external statuary audit and regulatory assessment facilitation including inspections.
- Understanding Investment Bank, Global Markets and Wealth Management technology front to back operations
- Experience in Technology Incident, Problem, Release and Change Management process preferably using ITIL model
- Experience in Agile SDLC and Cloud Governane
- Experience in technology risk assessment and third party vendor assessment
- Experience in leading stakeholder meetings
- Able to think laterally and take a pragmatic approach, when necessary, to issue resolution
- Strong communication skills and experience in liaising across multiple business and technology groups
Regional Disclaimers / Diversity Statement
Nomura is committed to an employment policy of equal opportunities, and is fundamentally opposed to any less favourable treatment accorded to existing or potential members of staff on the grounds of race, creed, colour, nationality, disability, marital status, pregnancy, gender or sexual orientation.