Apply now »

Job Title:  Wholesale IT Risk and Control

Job Code:  10788
Country:  SG
City:  Singapore
Skill Category:  IT\Technology
Description: 

Company overview

Nomura is a global financial services group with an integrated network spanning approximately 30 countries and regions. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Wealth Management, Investment Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leadership. For further information about Nomura, visit www.nomura.com

 

Job Title:  Wholesale IT Risk and Control
Corporate Title:  Executive Director
Department:  Technology
Location:  Singapore

Department overview:
Wholesale IT Risk and Control function (WS ITRC) manages technology risk across the Wholesale IT division globally by implementing a divisional risk framework and processes, aligned with GCIO and ORM standards, while ensuring rigorous oversight to maintain the division is within its risk appetite. We provide timely and comprehensive risk and control management reporting to support the integrity and resilience of Wholesale IT operations globally. The team always strives to increase risk awareness across the WS technology community and provide advisory service on Risk and Control matters. We are currently looking for risk management professionals with prior experience in the IT risk management space with particular focus on Wealth Management IT. 

Role description:

  • Provide Wholesale IT management with adequate risk and control reporting providing full picture of key risks and control metrics.
  • Perform oversight and challenge of the relevant IT activities to ensure they conform to applicable IT policies and procedures and the overall Operational Risk Framework.
  • Challenge technical teams’ controls and remediation actions to ensure they are effective and fit for purpose. Actions can be in response to Audit or regulatory findings, self-identified issues, event or ineffective control remediations.
  • Support regional CIO in managing regulatory and regional matters including regulatory inspections, assessment and tracking of regulatory and audit findings remediation activities and representing the area in regional management forums
  • Support technology teams with Internal and External audit activities, including advisement on audit requests, review of audit findings and proposed remediation actions, as well as challenging completeness and sustainability of completed actions.
  • Collaborate with regional Chief Control Office staff in assessing new regional regulations and its impact to Wholesale technology. Support regulatory inspections and inquiries.
  • Oversee and support the Risk and control Self-assessment (RCSA) process for WS IT Business Units ensuring appropriate challenge being provided to preserve the purpose of the framework.
  • Conduct deep dive analysis on key events and non-compliance areas
  • Support, and advice, Wholesale IT management on Technology Risk and Control framework including global IT policies & standards mandates, key processes and exception management.
  • Improve overall IT Risk & Control awareness across Wholesale IT
  • Participate in regional and local Risk and Control forums and governance bodies

Skills, experience, qualifications, and knowledge required:

  • Minimum 10 years of relevant IT Risk & Control experience within Financial Services
  • Experience in design and supporting IT Governance, IT General Control, IT Security, Audit or Technology compliance framework.
  • Experience in external and Internal audit facilitation including evidence fulfilment, findings review and challenge and action adequacy.
  • Understanding of regulatory environment in APAC and experience supporting regulatory activities including inspections and ad-hoc inquiries.
  • Understanding of Wealth Management technology solutions, processes and data.
  • Experience in key technology processes including Incident Management Release and Change Management, SDLC, DevOps, Data Management, Asset Management and Cloud deployments.
  • Experience of current technology risks and ability to leverage trends to identify problem areas.
  • Exposure and engagement in risk reduction programs such as EoL remediation, Vulnerability Management, solution migration, DevOps transition (big plus)
  • Experience in technology risk assessment and knowledge of third-party vendor assessment
  • Experience and strong capabilities in presenting to senior audience, regulators and external parties

Diversity Statement

Nomura is committed to an employment policy of equal opportunities, and is fundamentally opposed to any less favourable treatment accorded to existing or potential members of staff on the grounds of race, creed, colour, nationality, disability, marital status, pregnancy, gender or sexual orientation.

 

DISCLAIMERThis Job Description is for reference only, and whilst this is intended to be an accurate reflection of the current job, it is not necessarily an exhaustive list of all responsibilities, duties, skills, efforts, requirements or working conditions associated with the job.  The management reserves the right to revise the job and may, at his or her discretion, assign or reassign duties and responsibilities to this job at any time. 

 

Nomura is an Equal Opportunity Employer

Apply now »