Senior Internal Control IT Risk Analyst

CLIENT: Energy trading firm

SALARY: S$10,000 to 12,000 per month + Attractive Bonus

SUMMARY

. Oversee control activities across multiple offices and to ensure that company's control framework is governing the business operation in a safe and compliant manner.

. Identify weaknesses within the organization's IT processes and infrastructures and ensure that proper measures are implemented to minimize such risk. You will also ensure that an optimized set of business process maps are in place and our internal procedures are promptly updated to reflect the agreed framework.

. Work with commercial and functional team to provide solutions/ recommendations to improve the controls and drive efficiency through continuous improvement. Proactively look out for any breach of procedure by our staff and potential control gap that could create a material risk to our organization.

. Responsible for collating global Internal Control reporting information that is required by both internal management and external stakeholders.

THE ROLE

Support the development and implementation of the IT Risk Management Framework, policies, and processes.

Coordinate and ensure key IT policies and procedures are documented and updated annually

Conduct investigations of IT incidents, delivering detailed reports that summarize root causes, impact assessments, and recommended corrective actions

Identify, assess, and monitor IT operational risks, including those related to change deployments, incident management, and system stability

Conduct risk assessments on IT projects, system changes, and deployment pipelines to identify potential vulnerabilities and control gaps

Track and manage risks and ensure follow-up actions are completed. Ensure controls are put in place to mitigate and manage the identified risks

Work closely with cross-functional teams including IT Operations, Cybersecurity, and development team to evaluate risks in system rollouts and technology changes

Perform daily controls monitoring and review

Conduct regular reviews on the privilege ID usage, key applications user access

Design, build and maintain Power BI dashboards and reports for risk identification, analysis and reporting.

Customize JIRA workflow and automation to adhere to Internal Control's framework and processes.

Support the Internal Control monthly report publication and ad-hoc reporting.

Participate and support internal and external audits, including J-Sox reporting, from evidence collection to tracking actions closure.

Drive a culture of risk awareness and continuous improvement within the organization.

REQUIREMENTS

Bachelors degree in Computer Science, Information Systems/Security and/or Business Management with professional certification in security and controls

8 years of relevant industry experience in IT Risk Management, IT Governance, Information Security or IT Infrastructure in energy/commodities trading or regulated environment

Broad exposure to a range of diverse technology, security concepts, tools, and methodologies

Experienced in reviewing technology domains across infrastructure, applications, cyber security, cloud technology, IT governance processes

Experience in IT incident investigation and reporting

Familiar with frameworks such as ITIL, COBIT, or ISO 27001 is an advantage

Professional certifications such as CRISC, CISA, CISSP, ITIL Foundation, or similar is an advantage.

Competent in the full suite of MS Office packages - specifically Word, Excel, Visio PowerPoint applications.

Competent in the use of data analytics and visualization tools - e.g. Power BI, Python, SQL, ACL, Alteryx, Tableau is a considerable advantage.

Knowledge of JIRA, Allegro, SUN, CubeLogic, ZEMA and IMOS is an advantage