IT Risk Specialist

The NETS Group is a leading payments services group, enabling digital payments for merchants, consumers and banks across the entire payments value chain. 
 

The Group operates Singapore’s national debit scheme enabling customers of DBS Bank/POSB, HSBC, Maybank, OCBC Bank, Standard Chartered Bank and UOB to make payments using their ATM cards or mobile devices at more than 130,000 acceptance points in the country as well as online payments.

Position Summary

This role, as a second line-of-defence, is required to work with first line-of-defence functions to identify, assess, monitor and report key IT risks. This role is also required to work closely with divisions/functions to understand and document controls and identify potential areas of improvement. Experience in IT and Cybersecurity Risk management is necessary, with good communication and written skills.

Key Responsibilities

• Support in the implementation and operation of the IT risk management framework, policies, processes, and procedures
• Assist in the identification, prioritisation, assessment, monitoring and reporting of key IT risks
• Conduct risk and controls self-assessment (RCSA), operational loss event reporting, assess risk control adequacy and effectiveness
• Monitor and report risk tolerances and key risk indicators
• Support incident risk management and escalation, IT risk-related projects and/or initiatives
• Assist in the conduct of risk committee meetings, risk awareness training and workshop for staff
• Maintain a trusted and collaborative relationship with stakeholders, to promote risk awareness and resiliency

Requirements

Experience & Professional Certification

• Minimum degree in related discipline and at least 4+ years of experience in IT Risk including ITDR/Business Continuity and Resiliency; experience in a regulated financial industry
• Experience in IT operations, Internal/IT Audit and relevant risk certifications (e.g. ITIL, CISSP, CRISC) is an added advantage

Skills and Knowledge

• Knowledge of current regulatory requirements in Singapore and industry best practices (e.g. MAS TRM Guidelines, MAS Cyber Hygiene, Cyber Security Code of Practice for Critical Information Infrastructure, FSM-N13, FSM-14)
• Good working knowledge of risk management and control concepts, constantly paying attention to details and ability to perform deep-dive investigation
• Good stakeholder management and collaboration skills
• Strong and effective written and verbal communication skills in English is a must
• Highly motivated and has a strong desire to learn and succeed
• Excellent problem-solving skills, ability to prioritize, multi-task and handle tight deadlines
• Proactive team player with ability to work independently with minimal supervision

Network for Electronic Transfers (Singapore) Pte Ltd.