IT Technology Risk Manager

Technology Risk Manager

Grant Thornton is a global professional service network of more than 60,000 people in over 130 countries. Our team in Singapore is growing rapidly and we know this success is made possible by our people. That’s why we make sure our people have the right tools and environment to thrive.

Each individual at Grant Thornton Singapore is empowered to be themselves within an inclusive team. Our supportive structure gives our people the autonomy to shape their careers and drive positive change in the firm. It’s an exciting time to join us as we grow with organisations of all sizes and industries in Singapore, across the region and in the world.

Business Risk team

Our team helps organisations tackle issues around governance, risk, and controls, including IT/ technology risks, so that they can make strategic and risk-informed decisions. We support financial institutions and other businesses by conducting internal audits, assessing the effectiveness of their internal audit teams, reviewing internal controls, advising on regulatory compliance, and improving governance through enterprise risk management.

At the heart of our young and dynamic team is a growth mindset. The non-silo culture allows our team to openly bring up questions and ideas to the leaders. In turn, our leaders are dedicated to helping our team nurture their skills and grow in their careers. During peak periods, our team work closely together and support one another to bring value to clients in a timely manner. The team primarily works with clients in the financial services industry and projects may entail cross-border collaboration with other GT member firms and international travel.

The Role

This is a new position in our rapidly growing Business Risk team. In this position, you will play a key role in developing the IT-side of the practice as well as in building and maintaining the valued relationships with clients. As a vital and key member of the team, you will assume a critical role of growing the practice by leading and managing technology-related advisory engagements which includes providing guidance and directions, and knowledge sharing to the project team to facilitate the successful delivery of services to our clients. You will be able to gain experience in a great variety of work to enhance your business development, technical competency, and people development skills, while being in an environment that provides autonomy.

Responsibilities include:

• Possess good business acumen and leading the efforts in IT and technology risk to drive business development opportunities, including developing and fostering relationships with clients
• Build and develop relationships with internal and external stakeholders, where required, to serve client needs
• Possess in-depth technical capabilities, practical experience and professional knowledge in technology risks, processes, and controls, including the ability to demonstrate extensive knowledge and understanding of complex IT audit areas, and apply it in the delivery of services to the client
• Demonstrate excellent project management and client management skills
• Manage the project execution team in performing fieldwork and be responsible for the timely delivery of high-quality project deliverables, including reviewing written reports and support the closure of projects
• Lead and discuss client issues and challenges with senior stakeholders and provide recommendations based on analysis and experience, including at closing meetings
• Provide guidance to junior team members and constructive feedback/ coaching to mentor junior team members
• Keep abreast with MAS and other applicable regulations on IT related notices, guidelines and acts including Technology Risk Management (“TRM”), Cyber Hygiene, Outsourcing and Personal Data Protection Act (“PDPA”)

Qualifications and requirements

• Recognised bachelor’s or master’s degree in Information Technology, Accounting, or other related fields
• At least 5 years of experience working as IT internal auditor or consultant in public accounting or professional services firm, or have industry experience in IT risks and controls
• A professional qualification in CISA or CIA would be preferred
• Experienced in performing IT audits, IT general and application controls review, IT-related implementation reviews, regulatory compliance reviews on technology and cyber risk regulations, IT infrastructure reviews, cyber security reviews, and ERP security and controls review for SAP, Oracle, PeopleSoft, and similar systems.
• Familiar with Governance, Risk and Compliance (“GRC”) tools configuration preferably with some implementation experience in automating GRC processes
• Familiar and good understanding of MAS regulations on IT-related guidelines and requirements such as TRM, Cyber Hygiene, Outsourcing and PDPA
• Proficient in Microsoft Office applications including Microsoft Excel, PowerPoint, and Word
• Ability to use data visualisation and data analytics tools (such as Excel, PowerBI, Tableau) to enhance fieldwork execution and deliverables
• Highly motivated with experience in working within and supervising a team of professionals
• Proficient in conducting presentations, writing reports, and interpersonal communications
• Analytical, organised, and able to manage multiple projects at the same time

We are proud to be an equal opportunity firm where we celebrate what makes each individual unique. We are committed to nurturing our inclusive workplace. So, no matter where you are from, we invite you to discover more about us.