Senior IT Risk Specialist - Singapore - CA Search

CA Search

Verified Company

Singapore

3 weeks ago

Posted by:

Wei Jie

beBee Recruiter

Description

Commodities, Oil and Energy

12 April 2023

Offered Salary:

Salary will commensurate with relevant experience

Experience:

510 years

Qualifications:

Bachelor's Degree

Location:

Singapore, Singapore

SUMMARY:

You will assist in overseeing control activities across global offices and to ensure that its control framework is governing our business operation in a safe and compliant manner.

You will identify weaknesses within the organization's IT processes and infrastructures and ensure that proper measures are implemented to minimize such risk.

Work closely with commercial and functional teams to provide solutions/ recommendations to improve its controls and drive efficiency through continuous improvement.

You will proactively look out for any breach of procedure by our staff and potential control gap that could create a material risk to our organization.

You will also collate global Internal Control (IC) reporting information that is required by both internal management and external stakeholders.

THE ROLE:

Ensure an appropriate and tailored IT risk framework is in place and aligned with the overall IC framework;
Identify IT control gaps and work closely with IT team on the risk mitigations plan and documentation;
Conduct reviews on the privilege ID usage, ETRM and Finance systems' user access rights to ensure adherence to access controls standards;
Provide support on IT risk and control type of initiatives, including new system implementation and significant system change projects to ensure that proper controls are considered and included at the design-phase;
Ensure an optimised set of business process maps is in place and aligned with the system controls;
Lead and conduct IT related control gaps/incidents reviews, including root cause analysis, identification of mitigating controls, follow-up on the remediation actions;
Proactively identify control and process improvement initiatives and drive continuous improvement in the organization;
Provide internal control guidance and support to commercial and functional teams in managing the operational risks, and ensuring the quality and consistency of the internal procedures from an IC perspective;
Coordinate the Operational Sign Off process for all new business activity/product and tracking action items signed off by relevant functions;
Perform daily controls monitoring and review;
Compile and prepare key risk indicator report on a monthly and ad-hoc basis;
Ensuring consistency of IC approach across the whole organisation;
Coordinate and ensure the key company policies and procedures are updated annually and are aligned to our Parents' Internal Control requirements;
Provide assistance to both internal and external audits, including J-Sox reporting, and ensure timely completion of all open actions.

REQUIREMENTS:

Bachelor's degree in Computer Science, Information Systems/Security, Business Management or its equivalent, with professional certification in security and controls
5-10 years' relevant industry experience in risk and control management within IT or IT audit
Broad exposure to a range of diverse technology, security concepts, tools, and methodologies
Experience in IT incident investigation and reporting
Experience in an energy/commodity trading environment, or related regulatory environment will be an advantage
Knowledge of Application Security frameworks and standards

Competency in use of data analytics and visualization tools (e.g., Power BI, Python, SQL, ACL, Alteryx, Tableau) is a considerable advantage.

Knowledge of ETRM system would be an advantage