Mandai Wildlife Group is the steward of Mandai Wildlife Reserve, a unique wildlife and nature destination in Singapore that is home to world-renown wildlife parks which connect visitors to the fascinating world of wildlife. The Group is driving an exciting rejuvenation plan at Mandai Wildlife Reserve, adjacent to Singapore’s Central Catchment Nature Reserve, that will integrate five wildlife parks with distinctive nature-based experiences, green public spaces and an eco-friendly resort.

Job Duties and Responsibilities:

The AVP of Governance, Risk, and Compliance (GRC) in IT is responsible for overseeing the development, implementation, and management of the governance framework, risk management practices, and compliance with IT standards, policies, and regulations. This role ensures that IT activities align business objectives while mitigating technology risks. The AVP of GRC will lead cross-functional teams, work closely with stakeholders across the organization, and ensure that the IT environment supports secure, compliant, and effective operations.

Governance:

• Establish and maintain IT governance frameworks and processes that align IT strategy with business objectives.
• Develop and oversee the implementation of policies, procedures, and standards to ensure consistency and accountability across all IT activities.
• Ensure that IT governance initiatives support transparency, efficiency, and decision-making processes within the organization.
• Lead regular reviews of IT projects and operations to ensure alignment with governance frameworks.

Compliance:

• Ensure IT operations comply with internal policies, industry standards, and regulatory requirements (e.g., PDPA, ISO, NIST).
• Develop and maintain compliance monitoring programs to ensure adherence to IT policies and procedures.
• Coordinate audits and assessments, working with internal and external auditors to verify compliance and address findings.
• Foster a culture of compliance and ensure that staff are informed of their responsibilities regarding IT policies and procedures.

Risk Management:

• Identify, assess, and manage technology risks, ensuring proactive risk mitigation strategies are in place.
• Develop and lead the execution of IT risk management programs, including risk assessments, controls testing, and remediation planning.
• Ensure risk management practices are integrated into IT project management, system design, and operations.
• Stay informed on emerging IT risks and recommend necessary adjustments to policies and strategies to address new threats and vulnerabilities.

Leadership & Collaboration:

• Collaborate with IT leadership and other departments (such as Legal, Internal Audit, and Enterprise Risk Management) to ensure cohesive GRC efforts across the organization.
• Report regularly to senior leadership and key stakeholders on the status of governance, compliance, and risk management initiatives.
• Act as the point of contact for any governance, risk, and compliance inquiries within the IT function.

Continuous Improvement:

• Regularly review and update governance, risk, and compliance frameworks to ensure they remain effective and relevant in the face of evolving technology and regulatory environments.
• Promote a culture of continuous improvement within the IT department by driving initiatives that enhance the governance and risk management process.

Job Requirements:

• Bachelor’s degree in Information Technology, Computer Science, Business, or a related field.
• 12+ years of experience in IT governance, risk, and compliance roles, preferably in large and complex organizations.
• Strong understanding of IT operations, risk management principles, compliance frameworks, and industry standards (e.g., ITIL, NIST, ISO27001).
• Familiarity with regulatory requirements (e.g., PDPA, GDPR) and the ability to interpret and apply these in IT settings.
• Proven experience leading and managing cross functional teams.
• Strong problem-solving and analytical skills with the ability to make informed decisions in a fast-paced environment.
• Excellent communication skills, both written and verbal, with the ability to influence stakeholders at all levels.
• Preferred Certifications: Certified in Risk and Information Systems Control (CRISC), ITIL, Certified Information Systems Auditor (CISA).