Our client, a prominent finance firm, is seeking a highly skilled and experienced IT Risk and Control Manager. You will be responsible for overseeing risk and control activities within the Information Technology Division, ensuring compliance with regulations, policies, and industry standards. This role is an LOD 1.5 function.
Responsibilities:
Lead and plan regular independent control assessments to evaluate compliance with applicable regulations, policies, IT standards, and industry best practices.
Test and evaluate evidence, identify control deficiencies, and proactively propose improvement opportunities to enhance the control environment.
Monitor and verify the implementation of remediation plans and controls by ITD functions, ensuring the closure of identified risks and issues.
Prepare comprehensive review reports that effectively communicate issues, root causes, and actionable recommendations to IT management.
Conduct training sessions to promote IT risk and control awareness and track compliance with established IT policies and standards.
Facilitate discussions with IT teams to gather control design requirements and guide the resolution of identified control issues.
Drive the establishment, enhancement, and maintenance of data analytics capabilities to strengthen control review processes.
Evaluate the functionality of existing and new technology platforms, ensuring alignment with policies and IT standards.
Collaborate on internal and external technology audits, actively participating in deep dives and testing exercises.
Collaborate closely with IT teams to define practical remediation measures and document review results accurately.
Maintain a continuous learning mindset, staying updated on IT risk and control concepts and industry trends.
Requirements:
Bachelor's degree (or equivalent) in information technology or a related field.
A minimum of 6-8 years of relevant working experience, preferably in a multinational financial institution or consultancy firm.
Strong understanding of internal control concepts and the ability to assess and evaluate controls holistically, considering business and technology risks.
Proven experience in conducting infrastructure, application, or business process reviews.
Knowledge of NIST Cybersecurity Framework, ITIL, CMMI, ITSM, COBIT, and PMBOK.
Professional certifications such as CGEIT, CRISC, CISA, and/or CISSP are highly desirable.
Strong verbal and written communication skills in English, enabling effective participation in discussions, presentations, and report writing.
Familiarity with distributed technologies, operating systems, and database platforms, along with a solid understanding of related controls.
Ability to manage multiple tasks concurrently, prioritize effectively, and work independently with minimal supervision.
If this outstanding opportunity sounds like your next career move, please submit through "Apply Now" or send your resume in Word format to Danny Kwan at resume@pinpointasia.com and put IT Risk and Control Manager/ Senior Manager in the subject header.
Data provided is for recruitment purposes only.