Technology Risk Management | IT Audit Analyst (CISSP or CISA Preferred)

Responsibilities:

Operational Support & Reporting

· Prepare project status reports, management reports, and dashboards for all scope areas (projects, operations, risk, vendor management).

· Deliver ad hoc reports for urgent leadership decisions and audits, ensuring clarity, accuracy, and actionable insights.

· Track operational metrics (e.g., SLAs, incident/defect rates, lifecycle KPIs) and provide insights for decision-making.

· Maintain reporting cadences and data quality standards; automate recurring reports where feasible.

· Support process standardization and governance across technology operations, including documentation, templates, and SOPs.

Audit & Risk Management

  • Manage internal and external audits and reviews, including GRC updates, RFIs, and audit observations.
  • Provide risk oversight and governance for technology domains.
  • Lead audit readiness activities: evidence management, engagement coordination, remediation tracking, and closure.
  • Monitor risks and track resolution of issues from breaches, incidents, reviews, and inspections; ensure timely updates and escalations.
  • Maintain knowledge artifacts: playbooks, control catalogs, FAQs, and micro-learning content.

Digital Workplace & Vendor Management

  • Oversee TPRA, vendor management, BCM, annual KRCSA, and risk reduction initiatives.
  • Manage technology asset lifecycle (hardware, software, licenses): refresh planning, obsolescence tracking, and decommissioning.
  • Coordinate procurement operations and vendor/contract enablement: intake, sourcing, onboarding, renewals, and compliance.
  • Partner with Vendor Management to track performance, SLAs, and contract obligations; support third-party risk assessments.

Technology Governance & Vulnerability Management

  • Oversee vulnerability management, remediation, and ISRA renewals.
  • Liaise with application domains on ORSA submissions, including obsolescence scope, budgeting, and delivery timelines.
  • Act as liaison for Tech Obsolescence task force and provide reporting.
  • Manage RTB Capex projects: budget tracking/approval, memo approvals, and escalation handling.

Key Deliverables

  • Management reports and dashboards for leadership and governance (including ad hoc requests).
  • Operational reporting with actionable insights.
  • Governance dashboards and risk reduction plans.
  • Compliance evidence (audit reports, remediation tracking, certification renewals).
  • Security assessment reports and vulnerability test results.
  • Lifecycle and obsolescence compliance validation.
  • Procurement documentation and vendor performance tracking.

Requirements:

Core Skills & Competencies

· Operational Reporting: KPI design, data quality, dashboarding, storytelling with data.

· Risk & Controls: Control design/effectiveness, risk assessments, issue management.

· Audit Readiness: Evidence management, walkthroughs, remediation tracking, stakeholder coordination.

· Process Governance: SOP creation, standardization, continuous improvement.

· Vendor & Asset Management: Lifecycle planning, procurement coordination, third-party risk awareness.

· Stakeholder Management: Cross-functional orchestration, facilitation, conflict resolution.

· Tools: Power BI, Excel (advanced), Jira, SharePoint/Confluence.

Education:

· Bachelor’s degree in a relevant discipline (CS, IT, Info Systems, Cybersecurity, Engineering)

· Preferred: Enhanced credentials: industry-recognized certifications such as CISA, CISM, CISSP, etc.

· At least 8-12 years’ relevant experience, preferably in a financial institution.

Essential:

Experience

8–12 years in technology operations, risk/governance, or PMO support roles within banking or large enterprise environments.

1. Operational Reporting & Data Analysis

· 3–5 years’ experience in preparing management reports, dashboards, and KPIs.

· Strong ability to interpret complex operational data and present it in a clear, concise, and actionable format.

· Experience with ad hoc reporting under tight timelines for senior leadership.

2. Risk & Audit Management

· Hands-on experience in audit readiness, evidence management, and remediation tracking.

· Familiarity with risk frameworks, issue management, and compliance processes.

· Exposure to GRC tools and regulatory requirements in technology or banking environments.

· CISSP or CISA certification preferred.

3. Vendor & Procurement Management

· Preferably with experience in vendor lifecycle management, including onboarding, renewals, and performance tracking.

· Knowledge of procurement processes, contract compliance, and third-party risk assessments.

4. Technology Lifecycle & Governance

· Understanding of technology asset lifecycle (hardware, software, licenses), refresh planning, and obsolescence tracking.

· Experience supporting vulnerability management and compliance validation.

5. Tools & Technical Skills

· Proficiency in Power BI, advanced Excel (pivot tables, macros), Jira, and SharePoint/Confluence.

· Ability to automate recurring reports and maintain data quality standards.

6. Stakeholder Management

· Experience working in cross-functional teams and managing multiple priorities.

· Strong communication skills for presenting data to senior leadership.

Key Domain/Technical Skills:

· Proficiency in Power BI, advanced Excel (pivot tables, macros), Jira, and SharePoint/Confluence.

· Ability to automate recurring reports and maintain data quality standards.

· CISSP or CISA certification preferred.