Roles & Responsibilities
The IT Risk Management function in Asia is responsible for governing and managing technology risks. Working in close collaboration with IT teams, the function aims to foster a strong risk culture and enhance transparency for senior management. This role will support the implementation and oversight of IT risk controls, contribute to risk reporting, and assist in compliance with regional regulatory requirements.
Key Responsibilities
Service Delivery
- Manage regulatory remediation projects and validate associated IT remediation actions
- Support the implementation of IT risk management strategy, frameworks, and standards
- Handle daily IT risk operations including:
  - Maintaining the central risk register
  - Monitoring and tracking risk mitigation / remediation plans
  - Following up on risk treatment actions
- Assist in preparing materials for IT Risk Management Forums and Operational Risk Committees (Singapore and Hong Kong)
- Conduct regulatory (MAS, HKMA) and security-related assessments
- Review technical control effectiveness, identify gaps, and ensure appropriate follow-up
- Execute and validate internal control plans
- Review application security design as part of project implementations
- Liaise with internal / external auditors and track IT-related audit items
- Perform routine security tasks (e.g., password management, access reviews)
- Support and promote a positive risk culture through training and communication initiatives
- Prepare IT Risk Awareness training content
Key Functions & Accountabilities
IT Risk Management
- Maintain a centralised risk register for the Asia region
- Support risk owners in formulating strategies for mitigating / remediating risks
- Maintain oversight of all open risk items (High, Medium, Low)
- Collaborate with IT project teams to address residual risks in project delivery
- Coordinate with Information Security to mitigate cyber risks
- Develop risk reporting materials for regional committees
- Track the status of internal controls and highlight remediation needs
- Provide support for regulatory and internal / external audit reviews
- Track and ensure timely closure of audit issues
Stakeholder Management
- Collaborate with regional and global IT functions
- Engage with Operational Risk, Legal, and Compliance teams
- Work with IT service owners, infrastructure and application managers, architects, and project managers
- Liaise with global risk and information security functions
Regulatory & Risk Conduct
- Promote ethical, compliant behaviour through adherence to regulatory standards including:
  - Integrity, fairness, due diligence
  - Conflict management, continuous learning, and risk control
  - Compliance with Singapore and Hong Kong regulations
Requirements
Personal Attributes
- Strong communication skills (written, verbal, presentation)
- Independent, self-motivated, and able to manage stress
- Relationship-building and conflict resolution skills
- Collaborative team player
Professional Skills
- 6–7 years’ experience in IT, risk management, audit, or security functions
- Prior experience in banking, preferably wealth management
- Technical knowledge and experience in system delivery / implementation
- Certifications preferred: CISSP, CISA
Regulatory Knowledge
- Familiar with Singapore and Hong Kong regulatory landscapes (e.g., MAS, HKMA)
- Experience liaising with regulators is an advantage