Information Technology Risk Manager

Overview

We\'re Hiring: Internal Control Analyst (IT Risk)

• Full-Time
• CBD
• Our client is a global energy and commodities trading organization operating across Europe, the United States, and Asia. They manage physical and financial trading, risk management, and logistics, supported by robust technology platforms and a strong governance culture.

Role overview:

Reporting to the Internal Control Senior Manager, you will help oversee global control activities and ensure the IT risk and control framework safeguards business operations. You will identify control weaknesses in IT processes and infrastructure, drive remediation, maintain optimized business process maps, and keep procedures current. The role partners closely with commercial and functional teams to strengthen controls, improve efficiency, and proactively address potential control gaps. You will also collate global Internal Control reporting for management and external stakeholders.

What you’ll do:

• Support the development and implementation of the IT Risk Management Framework, policies, and processes.
• Coordinate and ensure key IT policies and procedures are documented and reviewed annually.
• Conduct investigations of IT incidents, providing root cause analyses, impact assessments, and corrective action recommendations.
• Identify, assess, and monitor IT operational risks across change deployments, incident management, and system stability.
• Perform risk assessments on IT projects, system changes, and deployment pipelines to surface vulnerabilities and control gaps.
• Track and manage risks, follow up on remediation actions, and ensure controls are embedded to mitigate identified risks.
• Partner with IT Operations, Cybersecurity, and Development teams to evaluate risks in system rollouts and technology changes.
• Perform daily controls monitoring and review.
• Conduct regular reviews of privileged ID usage and user access for key applications.
• Design, build, and maintain Power BI dashboards and reports for risk identification, analysis, and reporting.
• Customize JIRA workflows and automation to align with Internal Control frameworks and processes.
• Support monthly Internal Control reporting and ad-hoc analysis.
• Participate in internal and external audits, including J-SOX, from evidence collection to action tracking and closure.
• Champion a culture of risk awareness and continuous improvement.

What We\'re Looking For:

• At least 8 years of experience in IT Risk Management, IT Governance, Information Security, or IT Infrastructure.
• Broad exposure to diverse technologies, security concepts, tools, and methodologies.
• Proven experience reviewing technology domains spanning infrastructure, applications, cybersecurity, cloud, and IT governance processes.
• Hands-on experience in IT incident investigation and reporting.
• Experience in energy/commodities trading or a regulated environment is an advantage.
• Degree in Computer Science, Information Systems/Security, Business Management, or equivalent.
• Familiarity with frameworks such as ITIL, COBIT, or ISO 27001 is an advantage.
• Professional certifications such as CRISC, CISA, CISSP, or ITIL Foundation are advantageous.

Technical skills:

• Proficiency in MS Office (Word, Excel, Visio, PowerPoint).
• Competency with data analytics/visualization tools (e.g., Power BI, Python, SQL, ACL, Alteryx, Tableau) is a strong plus.
• Knowledge of JIRA and familiarity with ETRM/finance systems such as Allegro, SUN, CubeLogic, ZEMA, and IMOS is an advantage.

Apply now to be considered. Send your CV (Word/PDF), notice period, and salary expectations to with the subject “Internal Control Analyst (IT Risk) — SG”. Only shortlisted candidates will be contacted.

ANTARES MANAGEMENT SERVICES PTE. LTD. (25C3031)

K