IT Governance and Control Specialist

BCS is NETS’ wholly owned subsidiary, and is an entity within the NETS Group. It manages and operates clearing and payment infrastructure for the Singapore Automated Clearing House, including Fast And Secure Transfers (FAST), Inter-bank GIRO (IBG), Cheque Truncation System (CTS), and provides services for PayNow and SGQR Central Repository.

Overall Function

The IT Governance is part of the Risk Management line 1 defense, working with different IT risk and action owners to ensure IT controls are effective and efficiently managed, in compliance with Regulatory requirements, NETS Policies and Process with system safety and soundness in mind.

This includes all matters related to Internal & External Audit, Risk & Compliance are managed appropriately to reduce Technology & IT Regulatory risks to acceptable levels.

Primary Responsibilities

• Responsible to review, assess and verify the compliance to the Regulatory Obligation (MAS TRM, Cyber hygiene, PDPA and relevant regulatory requirements) and NETS Policies and Process
• Advise on sound IT and cyber risk management matters, changes to MAS guidelines and notices, through timely updates to Senior Management
• Conduct independent verification on the IT controls and compliance testing performed by Risk Owners.
• Work with Risk Owners on the enforcement and improvement of IT processes and controls  for the non-compliance identified in the independent verification.
• Proactively engage Risk Owners on initiatives / remediation arising from an Internal Audit or External audit findings or Risk Assessment in the areas of Policies, Processes and Governance development.
• Formulate, develop and execute policies, processes and procedures to facilitate effective IT and cyber related-risk Process and Control arising from Audit Findings or Process improvement maturity
• Proactively engage in establishing IT Risk awareness within Technology aligning with the organization risk posture.
• Communicate and provide guidance of new IT policies and standards to relevant stakeholders.
• Undertake and execute risk assessment and assurance reviews as assigned

Requirements

• Minimum 8 years of experience in risk with at least 5 years of relevant experience specifically handling IT audits, risk and compliance, in a IT control function (preferably from financial/banking/payment industry)
• Open to candidates with experience in IT governance, IT audit, IT regulatory compliance who are keen to explore a career in IT risk management
• Strong knowledge of regulatory requirements and industry practices (e.g. NIST framework, MAS TRM Guidelines, MAS Cyber Hygiene, PDPA, Payments Act)
• Experience of implementation/operations of IT Controls and Processes in an FI environment
• Experience in facing external auditors and statutory regulator such as MAS
• Strong writing, communication and inter‐personal skills
• Attention to details, with the ability to thoroughly and accurately review IT policies, process and audit responses.

Network for Electronic Transfers (Singapore) Pte Ltd.