Front Office Services-Alt Ops

Technology Risk Management

Department

GR&RS

Job Description

JD for Technology Risk Management

KEY ACCOUNTABILITIES

• Implement TRM Framework: Implementation of the Local Business Unit (LBU) Technology Risk Management (TRM) framework, ensuring alignment with local and regional requirements.
• Provide Expertise and Guidance: Offer technical and best practice guidance on information and technology risk, taking into account platform-specific and regional complexities.
• IT Risk Indicators: Manage and review standardised IT key risk indicators/metrics submission from all various IT Functions for analysis and early identification of risk trends.
• Risk Appetite and Key Metrics: Establish and roll out the information and technology risk appetite and key risk metrics for effective management oversight.
• Risk Register Monitoring: Proactively monitor the LBU risk register and escalate any potential risk areas for Group-level reporting, ensuring risks are appropriately rated and mitigated.
• Collaborate with various stakeholders: Maintain a trusted, collaborative relationship with stakeholders to promote engagement in TRM activities and reporting requirements, including the preparation and collation of the Eastspring Investments Group Risk Committee’s Risk Pack.
• Risk Culture: Promote a strong risk management culture across LBU stakeholders, focusing on managing information and technology risks effectively.
• Support Periodic Risk Reporting: Assist the LBUs 2^nd line ORM/ERM in ensuring timely and accurate reporting of information and technology risk matters to the LBU risk committee.

EXPERIENCE / QUALIFICATIONS

• 2-5 years of relevant experience, with compulsory experience in Technology or Risk Management/Audit.
• Candidates should demonstrate experience in identifying, managing, and reporting risks and controls in at least three or more of the following areas:
  • IT Infrastructure Management: Networks, platforms (e.g., IBM, Unix, Windows), middleware, and databases.
  • Application Development and Change Management (SDLC): Experience with the full software development lifecycle.
  • Identity and Access Management (IAM): Experience with tools like SailPoint, CyberArk.
  • Cybersecurity: Familiarity with frameworks like NIST, and experience with security tools and operations.

• Analytical, meticulous, self-starter with strong written and spoken communication skills in English a must. Ability in written and spoken Mandarin a plus.
• Ability to multi-task and handle tight deadlines.     
• Proficient in Microsoft office tools.
• Candidates with the relevant certifications in areas such as Technology Risk Management, Technology Audit, IT Management, Cybersecurity, Cloud, Software Engineering, or Project Management will have additional advantage. Examples include:
  • Risk Management: CRISC (Certified in Risk and Information Systems Control)
  • Audit: CISA (Certified Information Systems Auditor)
  • IT Service Management: ITIL Foundation, PRINCE2, PMP
  • Cloud/Network: Microsoft Certified Azure Solutions Architect Expert, (ISC)² CCSK, CompTIA Cloud Essentials
  • IT/Information Security: CISSP, CISM, CompTIA Security+
  • Software Development: DevOps Engineer Professional, Google DevOps Engineer, Microsoft Certified Solutions Developer
• Skillsets in coding e.g. Python, and intelligence dashboards like PowerBI would be advantageous.

Open Positions

1

Mandatory Skills

Technology Risk, IT Risk Management, Cyber Security, CISA,

Education Qualification

MBA

Experience

3 to 8 years