it risk associate manager (global exposure, grc).

About the company

Randstad is partnering with a leading organization focused on providing outstanding solutions in information technology, risk management, and security. With a worldwide reach, it serves as a center of innovation and expertise. By staying ahead of industry trends and technologies, this firm maintains its leadership position in the field.

About the role

This role will be situated within the Risk Management division of the Information Risk Management, Security, and Governance (IRMSG) department of IT. The scope of responsibilities encompasses global locations.

As the IT Risk Associate Manager, you will play a crucial part in guaranteeing the effective management, mitigation, and control of risks related to information, systems, and applications. This encompasses safeguarding against potential cybersecurity breaches and possible disruptions in the supply chain. The responsibilities of this role involve creating, implementing, and upholding IT policies and procedures, as well as conducting control assessments based on identified risks. You will take the lead in performing IT risk assessments and reviews to ensure adherence to regulatory mandates. Moreover, this role will actively seek out opportunities to enhance IT governance processes.

This position also functions as the point of contact for all IT risk assurance activities throughout the organization, aligning with the organization's overarching policies. It necessitates a comprehensive grasp of the entire business environment, ranging from day-to-day operations to strategic business goals, in order to establish effective IT-related controls. Familiarity with industry-standard risk management practices, IT governance, relevant technologies, and methodologies is essential to contribute to the advancement..

Ultimately, the IT Risk Associate Manager bears the responsibility of ensuring the IT department's accountability to the board. This includes addressing both core and functional business-unit risks, proposing corrective action plans, and safeguarding the strategic direction.

About the manager/team

This position will have a direct reporting line to the Head of IRMSG. With a total team size of 100+ employees in the tech team across the globe, Singapore has a team size of 30+ employees. This is a unique opportunity to gain global exposure, and the chance to work together with experienced professionals while contributing to the overall security of the organization.

Skills and experience required

• Hold a degree in IT, Computer Science, Engineering, Information Security, or a related field, or possess equivalent qualifications.
• Bring previous practical experience in the field of IT, with a minimum of 4 years dedicated to Technology Risk Management, which includes expertise in cyber security and technology audits.
• Showcase proven hands-on proficiency in recognizing, evaluating, managing, overseeing, reporting on, and providing counsel about technology risk management.
• Exhibit a solid grasp of security risk management and security governance methodologies. Familiarity with industry benchmarks like ISO27001/2, CIS Critical Controls, NIST Cybersecurity Framework, risk management tools, technical vulnerability management, security technologies, and current security trends and operations is a plus.
• Demonstrate adeptness in comprehending privacy and data protection laws and regulations, such as GDPR and PCI-DSS.
• Possess exceptional organizational, analytical, interpersonal, and operational competencies necessary for effectively driving the IT Risk agenda.
• Display strong communication skills across all tiers, capable of effectively engaging with both IT and business management to propel IT risk mitigation efforts and provide various IT risk management services.
• Exhibit sound technical proficiencies and exposure to aspects like IT application or infrastructure development, support, and management. Prior experience in steering IT risk management through digital platforms is an advantageous attribute.
• Preferably have knowledge encompassing Information Security, System Resiliency & Availability, and Software development practices and frameworks.
• Possess the capability to rapidly grasp the functionalities and capabilities of emerging trends and technologies.

To apply online please use the 'apply' function, alternatively you may contact denise.wang (@)randstad.com.sg for further discussion. LinkedIn (EA: 94C3609 l Registration Number: R1989322)