Senior IT Operational Risk Manager

• Collaborate with internal stakeholders across the company to proactively identify, escalate, assess, and mitigate technology operational risks associated with new technologies and infrastructure changes.
• Lead deep dives with the goal of documenting processes, risks, existing controls and identifying control enhancement opportunities; review and socialize with stakeholders as appropriate.
• Champion the Incident and Issue Management program, including the design of Action Plans to drive control enhancements and ensure risk exposures are being tracked, monitored and remediated.
• Partner with stakeholders to investigate, report, and manage incidents in order to understand root cause and drive control enhancements.
• Analyzing new projects and features within the SDLC to identify potential operational risks related to system design, coding, testing, deployment, and maintenance.
• Perform control assurance related activities, including testing of design and operating effectiveness, implementation support, review and challenge of evaluation results, and communication of results with management.
• Advocate and support the implementation of Risk Management frameworks for technology stakeholders, serving as a trusted advisor for the first line.
• Stay up to date on emerging trends and regulations in the digital asset space, proactively identifying and addressing new risk considerations.

What We Look For In You 

• Bachelor's degree in Information Technology, Computer Science, or a related discipline.
• Minimum 8+ years of experience in technology risk management, preference for those in Operational Risk roles within financial services, digital assets, or technology/engineering.
• Proven experience in project and stakeholder management, independently conducting technology risk-control assessments, control testing activities, managing incidents, issues, and driving remediation efforts.
• Strong understanding of IT systems, networks, and security controls.
• Knowledge of risk assessment methodologies and frameworks (e.g., COSO, NIST, ISO)
• Excellent communication and presentation skills, with the ability to tailor reporting to different audiences.
• Demonstrated ability to collaborate effectively with all levels of a global organization.
• Comfortable in a dynamic, fast paced and ever-changing landscape; adept at handling pilot initiatives and refining over time.
• Certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Information Systems Security Professional (CISSP) are a plus.
• Experience working in / knowledge of the digital asset space (cryptocurrency, blockchain) is a plus.
• Experience with GRC systems on a global scale is a plus.
• Fluent in both English and Mandarin, additionally Cantonese is a plus.

Perks & Benefits