Manager / Associate Director, Technology Governance, Risk & Compliance
KPMG in Singapore is part of a global organization of independent professional services firms providing Audit, Tax and Advisory services. We operate in 143 countries and territories with more than 273,000 partners and employees working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients.
Job Description
The Information Technology Services team is dedicated to creating and delivering value to our business by leveraging information technology. The team is responsible for delivering customer-focused solutions and high-quality IT services internally to enable our business.
We invite a highly motivated & dynamic professional to join our ITS team as a Manager/Associate Director, Technology Governance, Risk and Compliance.
Your responsibilities will include:
Governance and Audits
- Establish and maintain a robust GRC framework, reinforcing ITS information security controls and service management processes to optimise IT service quality and compliance with organisational and user requirements.
- Develop and execute comprehensive information security risk assessments, ensuring alignment with regulatory requirements such as SOX ITGC, ISO 27001, MAS OSPAR, ACRA, and ISQM1.
- Actively contribute to Enterprise Risk Management efforts, participate in Information Protection Control Reviews (IPCR), and support IT-related personal data protection activities, collaborating with pertinent departments to formulate necessary policies and action plans.
- Monitor adherence to the organisation's security policies, standards, and procedures among ITS staff, contractors, and other third parties, and enforce corrective measures as needed.
- Identify, assess, and document non-conformities with KPMG policies and relevant standards, ensuring timely remediation and compliance with organisational security policies and regulatory mandates.
- Supervise and mentor ITS personnel in GRC activities and ITS service management process mapping, providing necessary training and guidance.
IT Service Management (SMS) and Information Security Management System (ISMS) Maturity
- Lead initiatives to enhance IT Service Management System (SMS) and Information Security Management System (ISMS) maturity within the Information Technology Services (ITS) department, focusing on process optimisation and alignment with ITS strategic objectives.
- Create and implement quality assurance protocols, performance metrics, and testing procedures to evaluate the maturity of information system processing.
- Conduct periodic evaluations of ITS internal processes, performance indicators, and metrics to ensure continuous improvement.
- Gather and analyse data to pinpoint improvement opportunities within ITS operations and infrastructure.
- Undertake proactive and preventive maintenance for ITS service management processes and information systems.
Requirements:
- Educational Qualifications:
  - Bachelor’s or Master’s degree in Business, Finance, Accounting, Risk Management, Law, or related fields.
- Professional Experience:
  - A minimum of 6 years of relevant work experience in governance, risk management, internal controls, external audit, internal audit, or process improvement.
  - Experience in Big 4 firms, Fintech, or the Financial Services industry is a plus.
- Leadership and Management:
  - Proven leadership and people management skills.
  - Strong confidence in interacting with senior stakeholders.
  - Demonstrated experience in leading and managing teams.
- Business and Technical Skills:
  - Strong business acumen and commercial awareness.
  - Conceptual skills in qualitative and quantitative risk management methods.
  - Familiarity with risk management and internal control frameworks (e.g., COSO, ISO, COBIT).
- Functional Knowledge:
  - Knowledge of various functional areas, including Finance, Procurement, HR/Payroll, Operations, Logistics, IT, Legal, and Risk Management.
- Communication and Interpersonal Skills:
  - Strong communication, presentation, and project management skills.
  - Ability to build effective relationships and work collaboratively with internal departments, external service providers, and global teams.
  - Capability to work independently, take initiative, and collaborate effectively.
- Industry Standards and Certifications:
  - Previous experience with industry standards and best practices such as ISO/IEC 27001, SOC 2, and NIST.
  - Knowledge in Business Process Management projects, ITSM (ITIL), ITSMS processes, and working experience with ServiceNow ITSM.
  - ITIL V4 certification is preferred.
Only shortlisted candidates will be contacted by the KPMG Talent Acquisition team. Personal data collected will be used for recruitment purposes only.
At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.