IT Governance & Risk Lead

Who we’re looking for

We’re looking for someone experienced in IT risks and infrastructure to join the APAC Infrastructure and Infosecurity team to help shape our approach in addressing technology risk requirements in line with both best practices as well as external requirements including MAS TRM Guidelines and Cyber Hygiene Notice. We have an exciting IT infrastructure book of work where you’ll support and partner with senior sponsors and IT Infrastructure specialists to drive and deliver a portfolio of change initiatives. You must like producing high quality work, working in a team, as well as with a variety of different people and communicates well. You’ll help to identify areas that need attention, or have gaps, and be able to suggest possible solutions.

What you’ll do

• Lead and steer project teams and participants to deliver programme priorities including but not limited to MAS TRM and China projects.
• Work alongside IT Infrastructure program management to provide input to the design and implementation of business change management strategies and plans
• Consult and support the definition, implementation of information security and risk management controls
• Manage the compliance of technology/information security related requirement with the relevant regulators.
• Provide monthly application related Key Risk Indicators for technology risk dashboard reporting.
• Partner with key business stakeholder to influence change and others toward a common vision or goal
• Manage stakeholder communications and ensure key stakeholders’ concerns are addressed
• Development and maintenance of project documentation and ensure audit requirements are fulfilled
• Partner with our business management team to support budgeting/forecasts, vendor management and related activities

About Schroders

We’re a global investment manager. We help institutions, intermediaries and individuals around the world invest money to meet their goals, fulfil their ambitions, and prepare for the future. We have around 4,000 people on six continents. And we’ve been around for over 200 years, but keep adapting as society and technology changes. What doesn’t change is our commitment to helping our clients, and society, prosper.

The team

This is a hybrid role across Infosecurity and IT infrastructure. The Schroders Global Information Security function ensures our business is able to operate safely in a dynamic threat and technological environment by effectively managing the risks to its information assets. To achieve this aim, the function contains teams responsible for Technology Risk, Governance Risk and Compliance, Security Operations and Architecture, the Business Information Security Officer team, and the Information Security Change Programme.

The IT Infrastructure team is responsible for running all aspects of Infrastructure. We provide Infrastructure services spanning the Schroders Group of Companies and cover all aspects of Infrastructure from Service Desk/NOC, Operational Support to Architecture and Engineering. We have engineering and support personnel in most global offices, but the bulk of architecture, engineering and operations happens in London, Luxembourg, Singapore & New York. Over the past 2 years we have built globally consistent teams, technologies and processes and insourced all Infrastructure services from a long term service partner.

The base

You’ll be based in our Singapore office and report into the Head of IT Infrastructure and Information Security APAC, and will be a key member across both regional IT Infrastructure and Information Security teams.

The knowledge, experience and qualifications you need

• Degree graduate with at least 8 -10 years of technology experience working across information security and IT infrastructure
• At least 5 years of project management experience in financial services
• Professional information security or risk qualification /degree e.g. CISSP, CRISC, CISA, CISM is essential
• Experience in analysing and driving compliance levels against relevant requirements from financial regulatory bodies in APAC, such as CSRC, CBIRC, OJK, SFC, FSC, MAS etc.
• Competency in Mandarin language and written Chinese will be essential, as this role will need to interact with both internal and external China stakeholders

What you’ll be like

• Keen interest in current technological trends and developments in the area of information security and risk management
• Excellent communication and reporting skills, including the ability to simplify complex technical information into clear executable business intelligence.
• Good all round knowledge of access controls across applications, operating systems, database platforms, web technologies, and cloud solutions highly desirable.
• A critical thinker who’s able to look at things from different angles and enjoys solving problems
• Able to identify areas that need attention or have gaps and suggest and drive solutions.