An exciting opportunity for a driven IT Risk and Governance Analyst to ensure that the enterprise IT security controls are to their highest possible standards.

Mandatory Skill(s)

• Degree in Computer Science, Information Technology, Engineering, Cybersecurity, Information Security, or related discipline;
• Must have 5 years of experience in IT governance, cybersecurity, or technology risk management;
• Must have exposure to MAS TRM, Outsourcing Guidelines, Cyber Hygiene, Data Protection, and Third-Party Risk Management;
• Experience with vulnerability management, endpoint security, and cyber hygiene programs;
• Ability to influence across IT, risk, compliance, and business units;
• Excellent understanding of technology and operational risks, regulatory requirements;
• Proactive, motivated, open-minded with good attitude and willingness to learn;
• Excellent communication, presentation, and advisory skills;
• Ability to work independently, manage stress and multitask in a fast paced environment.

Desirable Skill(s)

• CISM, CISA, CRISC certifications;
• Risk Management certifications.

Responsibilities

• Implement and maintain IT governance frameworks aligned with MAS regulations and internal policies;
• Develop, review, and update IT policies, standards, procedures, and security guidelines;
• Conduct IT and cybersecurity risk assessments and monitor remediation activities;
• Maintain IT risk registers and track closure of identified control gaps;
• Oversee cybersecurity governance activities and regulatory compliance requirements;
• Support identity and access governance, periodic access reviews, and privileged access monitoring;
• Ensure cloud services comply with security policies and MAS regulatory requirements;
• Manage third-party and outsourcing risk assessments, vendor due diligence, and periodic reviews;
• Coordinate cyber incident governance, escalation procedures, regulatory notifications, and post-incident reviews;
• Support Business Continuity Planning (BCP) and Disaster Recovery (DR) governance and testing activities;
• Coordinate internal/external audits and regulatory inspections, ensuring timely closure of findings;
• Prepare governance, risk, compliance, and security reports for management and regulators;
• Drive continuous improvement initiatives to enhance governance maturity and security posture;
• Act as the primary liaison between IT, Risk, Compliance, Internal Audit, and business stakeholders on governance and security matters.

If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Sandhya Prajapati at sandhya.p@sciente.com quoting the job title.