We are one of the largest investment management organizations in the world, with over 1000 people working together to create long-term value.
The Technology Group (TG) is a key enabler to keep our business moving forward and is constantly exploiting state-of-the-art information technologies to enhance GIC's ability to be the leading global long-term investment firm. We aim to provide users with empowering and transformational capabilities, and to create an inclusive, innovative and integrated work environment.
Cyber Security, Information & Technology Risk (CSITR) is an integral cyber, information and technology risk management function within GIC, tasked with securing digital assets and business data from cyber threats & adverse impacts.
We are looking for a suitable candidate for a Senior Risk Manager, Information Technology Risk Management (Contract), who will be responsible for definition and execution of technology risk programs. Responsibilities
- Develop and enhance continuous controls monitoring and visualisation tools to monitor existing risk controls, with Python and Tableau.
- Document continuous controls monitoring framework and technical documentation of developed tools
- Understand and application of cyber, information and technology risk policies, standards and guidelines for the firm.
- Act as a domain expert and trusted partner in information and technology risk; work closely with Information and Technology Risk Officers and stakeholders in various functions to enforce information and technology risk management policies and standards.
- Conduct periodic and ad-hoc assessments to monitor compliance with security policies and security controls design and operating effectiveness
- Review information and technology risk, audit and operational risk issues to identify root causes, trends, and recommend appropriate remediation.
- Identify and assess emerging risks and devise effective mitigating controls together with stakeholders.
- Work closely with peers in ITRM, and partner with Operational Risk & Monitoring (OR&M) in monitoring operational risk tolerance metrics, operational risk events and control deficiencies, as well as reporting and escalations to relevant Risk Committees.
- With Bachelor's Degree in Information Technology, Computer Science, Engineering or equivalent.
- At least 4 years of relevant experience in financial services industries, with minimum 1 year in risk functions involving Information, Technology and Cyber Security risk.
- Experience with Python, Tableau and aggregating data from various source systems.
- It will be a huge advantage if you have professional qualifications - CISM, CRISC, PMP, CISA, CISSP, CSX.
- Proficient in analysing and integrating structured and unstructured data to provide insights and aid decision making.
- Proficient with rapid application development and prototyping. Full stack development experience would be advantageous.
- Professional knowledge and experience with industry Information, Technology Risk or Cyber Security management frameworks.
- Equipped with professional business partnership and virtual team management experiences.
- Strong influencing, problem solving, analytical and interpersonal skills.
- A self-starter who can work in a collaborative environment with strong ownership.