FreeHire

sggovterp

Tech Risk Supervisor

Show

[What the role is]

You will be part of a team of experienced technology and cyber risk management professionals tasked to supervise some of the most important and largest local and foreign bank s in Singapore on their technologyIT implementation strategy and their management of technology risk management and cyber security.

You will closely oversee and assess the adequacy of the banks’ technology risk management and cyber security plans and programmes, take supervisory actions on lapses, direct the banks on actions needed and advise MAS lead supervising departments as well as senior management on your professional assessments.

[What you will be working on]

  • Conduct Boardroom / C-suite conversations with banks’ Board and Senior Management, closely and regularly engage banks’ IT/security/risk management leadership (CIO/CISO) on IT governance, technology and cyber risk management and compliance matters, and deep dive with banks’ IT professionals and internal/external auditors on IT/security architecture, implementation and operations matters.

  • Onsite and offsite inspections of banks and other financial institutions (including Domestic Systematically Important Banks, Critical Information Infrastructure Owners/Operators and global banks) on thematic control areas, such as privileged access management, network/system resilience, cyber security measures, Secure Development Lifecycle (SDLC), IT service management, change management, disaster recovery, incident/problem management, operational processes, IT third party risk management and IT governance (e.g. Three-Lines of Defence model).

  • Assessment of adequacy of Technology Risk Management (including cyber security), with a comprehensive review / benchmarking of all technology and cyber risk control areas and provide professional opinion on risk rating, supervisory messages and directions to the banks.

  • Oversee and guide FIs’ management of IT and cyber incidents, including timely response & recovery, adequate root cause analysis, disaster recovery, business continuity management, public communications and subsequent remediations of control gaps.

  • Assess banks’ breaches of MAS regulations, recommendation on supervisory actions, issuance of directions to banks on actions needed, monitoring and assessment of banks’ progress.

  • Research on emerging technology and cyber risk issues as manifested/forecasted in the banks within the team’s portfolio or as assigned, formulate an assessment and supervisory response, presentation of findings and seek approval of recommendations, and manage issues / implement solutions / issue guidance to banks. Provide professional input to MAS’ technology and cyber risk management policies and supervision methodologies.

  • Support Team, Division, Department, Group and MAS roles and duties such as meetings secretariat, management reports, response to public & parliamentary queries, FI incident reporting, escalation to management and MAS crisis management.

[What we are looking for]

  • Candidate should have the aptitude and strong interest in IT/cybersecurity audit/risk assessment, with an enquiring and critical mind.

  • Candidates with relevant working experience (including in related technology risk and cyber security areas) can be considered for more senior positions.

  • Candidate should have excellent written and spoken communication skills in English, with a conversation and writing style that emphasizes clarity/readability, robust logic and precision.

  • Candidate should be a team player, be able to support & complement team members and work across organisational lines.

  • Candidate should be a self-starter, methodical in task execution and meticulous in task deliverables, with key project management skills that include working with limited resources & tight timelines, innovative problem solving and excellent stakeholder management.

As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.

All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.