Gravitas Recruitment Group (Global) Ltd

Tech Risk Management - Senior Manager

8-12 Years
  • Posted 2 days ago

Job Description

Responsibilities

Technology Risk Governance & Framework

  • Establish, implement, and continuously enhance the Technology Risk Management framework across infrastructure, applications, cloud, cybersecurity, and technology resilience.
  • Define and operationalize risk appetite, key risk indicators (KRIs), and tolerance thresholds for all technology risk domains.
  • Lead and support technology risk governance forums and committees, providing independent oversight and constructive challenge.

Independent Risk Oversight & Challenge

  • Provide second-line independent review and challenge for technology and cybersecurity risks across the organization.
  • Evaluate and challenge key decisions regarding:
      • System architecture and design
      • Cloud adoption and configurations
      • Cybersecurity posture and controls
      • Technology resilience and disaster recovery
  • Escalate material risk exposures, control gaps, and risk appetite breaches to senior management and relevant committees.

Risk Advisory & Change Enablement

  • Act as a strategic risk advisor to Technology, Product, and Business teams, ensuring early identification of risks during initiative lifecycles.
  • Support embedding appropriate controls under secure-by-design principles.
  • Provide forward-looking risk assessments for major transformation programs, digital initiatives, and new product launches.

Technology Risk Assessment & Monitoring

  • Oversee and perform risk-based assessments across:
      • IT infrastructure and platforms
      • Application systems and SDLC processes
      • Incident management
      • Cloud environments (e.g., AWS)
      • Cybersecurity controls and operations
  • Develop and maintain continuous risk monitoring using data analytics and automation tools.
  • Translate technical findings into business-relevant risk insights, including financial, operational, and reputational impacts.

Cybersecurity Risk Oversight

  • Provide oversight and challenge across key cybersecurity domains, including:
      • Identity and Access Management (IAM)
      • Vulnerability and Patch Management
      • Network Security and Threat Detection
      • Data Protection and Data Loss Prevention (DLP)
      • Incident Response and Crisis Management
  • Assess control effectiveness against industry frameworks and standards (e.g., NIST, ISO 27001, CIS, MAS TRM Guidelines).

Issue & Remediation Governance

  • Oversee the identification, tracking, and remediation of technology risk issues and control deficiencies.
  • Ensure remediation plans are root-cause driven, sustainable, and timely.
  • Perform independent validation of remediation actions, providing credible challenge where necessary.

Regulatory Compliance & Engagement

  • Ensure alignment with applicable regulatory requirements and internal policies on technology and cybersecurity risk.
  • Support interactions with regulators, auditors, and internal stakeholders, including preparing materials and responses on technology risk matters.

Emerging Risk & Innovation

  • Identify and assess emerging technology risks, including:
      • Cloud concentration risk
      • Third-party and vendor risk
      • AI / model risk
  • Provide insights and recommendations to senior management on forward-looking risk trends and mitigation strategies.

Stakeholder Management & Reporting

  • Engage and influence senior stakeholders, including CIO, CISO, Product Leads, and Business Heads.
  • Prepare and present concise, risk-based reporting to senior management and relevant committees, including dashboards and key insights.

Requirements

  • Experience with data analytics, automation tools, or scripting is advantageous.
  • Familiarity with modern technology architectures (e.g., APIs, microservices, cloud-native environments) is beneficial.
  • Flexible and willing to take on additional assignments as needed.
  • Willing to travel up to 20% of the time.
  • Bachelor's degree in Information Technology, Information Systems, Computer Science, Cybersecurity, or related field.
  • 8-12 years of relevant experience in Technology Risk, IT Audit, Cyber Risk, or related roles, preferably in financial services or regulated environments.
  • Proven experience in a second-line risk management or oversight role is strongly preferred.
  • Familiarity with regulatory frameworks (e.g., MAS TRM, ISO 27001, NIST) is advantageous.

Application:

  • Apply to this job posting, and email your CV with the job title as the subject line to: [Confidential Information]

Job ID: 144723203