IT Risk & Governance Analyst (JD#11152)

Job Summary

An exciting opportunity for a driven IT Risk and Governance Analyst to ensure that the enterprise IT security controls are to their highest possible standards.

Mandatory Skill-set

• Degree in Computer Science, Information Technology, Engineering, Cybersecurity, Information Security, or related discipline;
• Must have 5 years of experience in IT governance, cybersecurity, or technology risk management;
• Must have exposure to MAS TRM, Outsourcing Guidelines, Cyber Hygiene, Data Protection, and Third-Party Risk Management;
• Experience with vulnerability management, endpoint security, and cyber hygiene programs;
• Ability to influence across IT, risk, compliance, and business units;
• Excellent understanding of technology and operational risks, regulatory requirements;
• Proactive, motivated, open-minded with good attitude and willingness to learn;
• Excellent communication, presentation, and advisory skills;
• Ability to work independently, manage stress and multitask in a fast paced environment.

Desired Skill-set

• CISM, CISA, CRISC certifications;
• Risk Management certifications.

Responsibilities

• Implement and maintain IT governance frameworks aligned with MAS regulations and internal policies;
• Develop, review, and update IT policies, standards, procedures, and security guidelines;
• Conduct IT and cybersecurity risk assessments and monitor remediation activities;
• Maintain IT risk registers and track closure of identified control gaps;
• Oversee cybersecurity governance activities and regulatory compliance requirements;
• Support identity and access governance, periodic access reviews, and privileged access monitoring;
• Ensure cloud services comply with security policies and MAS regulatory requirements;
• Manage third-party and outsourcing risk assessments, vendor due diligence, and periodic reviews;
• Coordinate cyber incident governance, escalation procedures, regulatory notifications, and post-incident reviews;
• Support Business Continuity Planning (BCP) and Disaster Recovery (DR) governance and testing activities;
• Coordinate internal/external audits and regulatory inspections, ensuring timely closure of findings;
• Prepare governance, risk, compliance, and security reports for management and regulators;
• Drive continuous improvement initiatives to enhance governance maturity and security posture;
• Act as the primary liaison between IT, Risk, Compliance, Internal Audit, and business stakeholders on governance and security matters.

Hello Sandhya, I was auditing the Linkedin Posts and saw your job posting. Please note that all job postings need to include the footer:

Should you be interested in this career opportunity, please send in your updated resume to [email protected] at the earliest.

When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE’s website (Privacy Policy | SCIENTE

Confidentiality is assured, and only shortlisted candidates will be notified for interviews.

EA Licence No. 07C5639