As central bank, MAS promotes sustained, non-inflationary economic growth through the conduct of monetary policy and close macroeconomic surveillance and analysis. It manages Singapore’s exchange rate, official foreign reserves, and liquidity in the banking sector.
As an integrated financial supervisor, MAS fosters a sound financial services sector through its prudential oversight of all financial institutions in Singapore – banks, insurers, capital market intermediaries, financial advisors, and stock exchanges. It is also responsible for well-functioning financial markets, sound conduct, and investor education.
MAS also works with the financial industry to promote Singapore as a dynamic international financial centre. It facilitates the development of infrastructure, adoption of technology, and upgrading of skills in the financial industry.
Join us now, if you have a genuine interest in making an impact to help shape Singapore’s economic and financial landscape.
[What you will be working on]
You will be part of a team of experienced technology and cyber risk management professionals tasked to supervise some of the most important and largest local and foreign bank as well as digital banks in Singapore on their IT implementation and their management of technology risk management and cyber security. You will closely oversee and assess the adequacy of the banks’ technology risk management and cyber security plans and programmes, take supervisory actions on lapses, direct the banks on actions needed and advise MAS lead supervising departments as well as senior management on your professional assessments.
Key responsibilities include:
Onsite and offsite inspections of banks and other financial institutions (including Domestic Systematically Important Banks, Critical Information Infrastructure Owners/Operators and global banks) on thematic control areas, such as privileged access management, network/system resilience, cyber security measures, Secure Development Lifecycle (SDLC), IT service management, change management, disaster recovery, incident/problem management, operational processes, IT third party risk management and IT governance (e.g. Three-Lines of Defence model)
Assessment of adequacy of Technology Risk Management (including cyber security) as part of MAS CRAFT process, with a comprehensive review / benchmarking of all technology and cyber risk control areas and provide professional opinion on risk rating, supervisory messages and directions to the banks
Oversee FIs’ management of IT and cyber incidents, including timely response & recovery, adequate root cause analysis, disaster recovery, business continuity management, public communications and subsequent remediations of control gaps
Assess banks’ breaches of MAS regulations, recommendation on supervisory actions, issuance of directions to banks on actions needed, monitoring and assessment of banks’ progress. Conduct Boardroom conversations with banks’ Board and Senior Management, closely and regularly engage banks’ IT/security/risk management leadership on IT governance, technology and cyber risk management and compliance matters, and deep dive with banks’ IT professionals and auditors on IT/security architecture, implementation and operations matters
Research on emerging technology and cyber risk issues as manifested/forecasted in the banks within the team’s portfolio or as assigned, formulate an assessment and supervisory response, presentation of findings and seek approval of recommendations, and manage issues / implement solutions / issue guidance to banks
Support Team, Division, Department, Group and MAS roles and duties such as meetings secretariat, management reports, response to public & parliamentary queries, FI incident reporting, escalation to management and MAS crisis management.
[What we are looking for]
Candidate should have the aptitude and strong interest in IT/cybersecurity audit
Candidates with relevant working experience (including in related technology risk and cyber security areas) can be considered for more senior positions
Candidate should have excellent written and spoken communication skills that emphasizes clarity/readability, robust logic and precision
Candidate should be a team player, be able to support & complement team members and work across organisational lines
Candidate should be a self-starter, methodical in task execution and meticulous in task deliverables, with key project management skills that include working with limited resources & tight timelines, innovative problem solving and excellent stakeholder management
As part of the shortlisting process for this role, you may be required to complete a medical declaration and/or undergo further assessment.
This is a 2-year contract. All applicants will be notified on whether they are shortlisted or not within 4 weeks of the closing date of this job posting.