AVP, Technology Governance & Control Team
About the job
The Technology Governance & Control Team is a key IT Team providing IT Technology Governance and Control oversight on the IT System Development and Service Management, IT Operations, and IT Support and Control functions
- Design, develop, implement and maintain the IT Technology Governance and Control framework, Policies and Processes (inclusive of process implementation and tools development). This covers areas in IT System Development and Maintenance, IT Service Management (ITSM), IT Assets Management (ITAM), IT Security and Operations, with a strong focus on Identity Access Management for Singapore Branch and across APAC Branches.
- Establish IT Control objectives that are in line with regulatory requirements (e.g., MAS TRMG, BNM RMIT) and the bank’s internal IT procedure manuals.
- Ensure compliance with the bank’s IT Governance policies and procedures and implement support initiatives to strengthen the overall governance framework, e.g., liaise with IT system owners to perform system risk assessment whenever there are system enhancement or new onboarding of systems.
- Liaise and work with APAC branches on the standardization of processes and procedure and perform review of APAC Branches’ IT related documents such as Procedure Manuals and Guidelines.
- Carry out regular compliance check on IT controls on Project Management, IT Security and Operation, and identify non-compliance and work with stakeholders to remediate the non-compliance areas.
- Identify and implement areas of improvements within IT for better productivity, better controls and higher efficiency on overall IT Operation.
- Subject Matter Expert on topic related to Identity Access Management (IAM).
- Design and implement a comprehensive IAM framework that covers all aspects of identity management, access control, and privileged access management.
- Provide leadership and guidance to the technology teams to ensure that they adhere to the IAM policies and procedures, including user access management, identity verification, and security controls.
- Manage the implementation of an effective IAM toolset (e.g., SailPoint).
- Ensure that relevant controls are applied, e.g., Review of end users’ system access requests and ensure appropriate provisioning are granted with timely de-provisioning achieved and perform periodic review of users’ access into IT system to ensure there are no unauthorized access.
- Provide review and assessment on user access matrix (UAM) for respective system and work with IT system owners to ensure proper segregation of duties are implemented within the system.
- Bachelor’s degree in IT or equivalent with min. 10 years of working experience with good knowledge and experience in IT Governance and Control function, preferably within the Financial Services sector.
- Strong leadership and people management skills, with experience in managing teams responsible for IAM and IT Auditing is an added advantage.
- Subject Matter Expert on Identity Access Management especially system and users’ access control management.
- Ability to identify the risk within process and develop control checks to ascertain the controls implemented are effective.
- Solid technical and functional knowledge of relevant regulatory and compliance requirements, with proven experience in applying legal/regulatory guidance into solving practical problems.
- Ability to work collaboratively with stakeholders at all levels of the organization (e.g. between HQ, APAC branches and Singapore teams)
- Good working knowledge of relevant industry standards and understanding of industry trends and products.
- Proven ability to understand, identify, analyse and communicate clearly the operational risks within processes.
- Good understanding of the overall System Development and Operational processes within the financial services industry.
- Strong decision-making skills, with the ability to demonstrate sound judgement.
- A structured and logical approach to work.
- Strong problem solving and numerical skills.
- Ability to manage large workloads and tight deadlines and prioritize accordingly.
- Experience in IT Governance Reviews, Controls Testing and Assurance, and delivery of training.