Associate, Information & Technology Risk Management (Non-Financial Risk Asia)

ING Wholesale Banking in Singapore

We began operating in Singapore in 1987 where we host the regional Asia Pacific headquarters. With over 300 financial experts, we are the largest wholesale banking branch in Asia. ING stands out in the Asia Pacific region because we go a step further for our customers. We look at things from the client’s perspective which allows us to construct tailor-made solutions to fit the needs of every company we serve. This mentality underpins all our client relations and has produced various prestigious awards.

Overall Function

Responsible for Technology and Data risk management for all Wholesale Banking Asia locations, from a 2nd line of defense perspective.

Provide support to the Asia NFR I&TR team, including review, challenge and advisory to the 1st line of defense (1LoD) on IT and data risk related matters, including Second Line Monitoring (SLM) activities, IT/Data risk issues and events monitoring, and sourcing due diligence.

Key Responsibilities

• Influence the 1LoD IT and Data Risk to understand, implement and comply to Bank’s policies and control standards.

• Review and provide risk challenge and advice on IT & Data risk matters to 1LoD, including regulations pertaining to these areas.

• Perform risk-based 2LoD reviews and monitoring on evidences from the 1LoD to support testing of controls design and operating effectiveness.

• Events/issues monitoring, review and closure.

• Monitoring status and providing NFR updates for key management and steering committees relating to IT & Data risk areas, for management reporting purposes.

• Perform 2LoD ground work for IT risk reporting quarterly, in collaboration with 1LoD.

• 2LoD role in IT & data risk assessments (identification and mitigation of risks) with relevant stakeholders.

• Review and provide 2LoD assessment response on IT & data risk related Risk Acceptances, Deviations and Waivers.

• Perform risk-based 2LoD due diligence for IT sourcing reviews.

• Work closely with local and regional risk functions, on IT & Data risk matters.

We are looking for a team member with the following knowledge and experience:

• About 3-5 years of relevant experience in a bank, financial institution or Big 4 audit firm focusing on Banking and FI clients; 

• Degree in IT with Business/Finance & Technology focus preferred;

• Professional IT Risk Certification (e.g. ISACA CISA, CRISC, CISM, ISC2 CISSP, etc.);

• IT audit experience with Big 4 audit firm is a plus;

• Strong IT controls background and mindset, good working knowledge of Banking IT operations, controls, processes and regulations is a plus;

• Proactive, self-starter, independent, analytical;

• Strong presentation and influencing skills with the ability to work with people of different levels and backgrounds;

• Able to manage multiple tasks under pressure;

• Takes a solution-oriented approach to risk management;

• Demonstrates accountability and ownership of their actions and results;

• Skilled in writing and reporting, with a keen eye for details, clarity and impact;

• Naturally curious and driven to improve risk practices through innovation, including GenAI;

• Knowledge of networking, including cloud and security technologies;

• Adaptable and solution-oriented, able to make things work even in complex environments;