Assistant Manager, IT Internal Control

Key Responsibilities• Establish, implement, and maintain IT General Controls (ITGCs) and IT controls supporting business operations, including IT Application Controls (ITACs), Information Produced by the Entity (IPE), and End User Computing (EUC) controls, in accordance with regulatory expectations and industry best practices. • Own and manage the IT Risk and Control Matrix (RCM), including stakeholder engagement, control documentation, periodic review, and control effectiveness monitoring. • Develop, maintain, and enhance the IT Internal Control Framework, including planning, execution, testing, remediation tracking, and reporting of IT process risks and control gaps to provide assurance to internal and external stakeholders. • Partner with Internal Control, Risk, Compliance, and business stakeholders to identify process gaps and implement system and process improvements to strengthen operational efficiency and control effectiveness. • Collaborate with the second line of defense functions to drive strategic initiatives that enhance the organisation’s IT risk management framework, governance standards, and risk awareness culture. • Provide advisory support to stakeholders on IT governance, cybersecurity, and regulatory compliance obligations to ensure alignment with applicable regulatory requirements and organisational policies. • Coordinate and conduct IT risk, regulatory compliance, and control awareness training programmes across business and technology teams. • Lead and manage IT-related audits, regulatory inspections, and supervisory reviews, including preparation for regulatory meetings, responses to requests for information, and remediation follow-up activities. • Prepare periodic management reports, regulatory submissions, and ad-hoc reporting related to IT controls, governance, and risk management matters. • Drive innovation, automation, and continuous improvement initiatives to enhance control monitoring, reporting efficiency, and governance effectiveness. Key Requirements• Bachelor’s degree in Computer Science, Information Technology, Information Systems, Computer Engineering, Accountancy, Business, Commerce, or a related discipline. • Minimum 5 years of relevant experience in IT governance, IT risk management, and internal controls, including hands-on experience in developing and implementing IT Internal Control Frameworks. • Strong understanding of IT General Controls (ITGCs), system development lifecycle (SDLC), information security principles, IT governance frameworks, and regulatory compliance requirements. • Demonstrated ability to adapt to emerging technologies, methodologies, and evolving regulatory expectations within the financial services industry. • Self-driven and resourceful individual with strong analytical, problem-solving, organisational, and stakeholder management skills, with the ability to manage multiple priorities under tight timelines. • Excellent communication, presentation, and report-writing skills with strong attention to detail. • Professional certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or equivalent certifications would be advantageous.