IT Risk & Compliance Manager in Singapore at Great Eastern

Date Posted: 11/29/2018

Job Description

Job ID: 001095

Job Purpose

You will be assuming an integral role in IT Governance, Risk and Compliance for Great Eastern.

Job Description

• Implement an IT Compliance program to provide assurance on the compliance status in Group IT. The program will validate the key IT controls based on yearly prioritization and using an industry-accepted sampling methodology. The IT controls reviewed will consist of relevant processes, systems, reports and metrics.
• Monitor the state of IT compliance with regulatory requirements and internal policies, and report on compliance lapses.
• Monitor changes in technology-related legislation and regulation that affect Group IT Technology Risk management and compliance, and develop a compliance program to address potential gaps.
• Conduct ongoing Compliance Review activities on key IT processes and systems as per the plan and identify the gaps against standard requirements.
• Provide timely reporting on compliance review activity to management, and track all actions and risks arising from the review to closure.
• Assist in consolidating the Compliance Event Reporting from Group IT to GRM and also local RM&C.
• Assist in reviewing CRSA for regulations as per GRM and local RM&C’s schedule.
• Assist in reporting compliance matters to Group IT management on a regular basis.
• Assist in IT Audit engagements, monitor and track the audit progress, status of information submission and escalating overdue responses accordingly.
• Assist in root cause analysis for IT incidents, if required.
• Educate staff on compliance requirements and provide awareness sessions on risk & compliance matters.
• Source and validate data that measures Key Risk Indicators (KRIs) to monitor and report on their statuses and initiate corrective actions, if any.
• Assist in maintaining the department's Risk Control Self-Assessment (RCSA) and conduct control testing according to GRM & local RM&C requirements.
• Assist in the review of the Project Risk Assessment (PRA) prepared by IT prior to the start of a project.

Job Requirements

Our Requirements

• Degree in Computer Science or IT related studies with at least 6 years of relevant working experience.
• 2 – 5 years of IT Audit experience.
• A CISSP, CISA qualification or equivalent.
• Knowledge of IT risk and controls frameworks, e.g. ISACA, ISO 27000 standards, and technology-related regulation such as MAS TRM Notice and Guidelines.
• A self-starter, always striving for excellence, innovative, with a service-oriented mindset and the initiative to improve processes.
• Good interpersonal skills, both verbal and written.

To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.