Senior Technology Risk Analyst

YouTrip is at the forefront of Asias financial revolution defining the future of digital finance with its leading multi-currency payment platform. Launched in 2018 YouTrip has swiftly ascended as a powerhouse orchestrating billions in transactions annually and securing the trust of millions. With innovative solutions like YouTrip for consumers and YouBiz for businesses we offer unmatched financial ease and cost-effectiveness. Fresh off a successful US$50 million Series B funding round led by Lightspeed Venture were setting new benchmarks in the digital financial services sector.

At the heart of our mission is a commitment to eliminate financial borders across Asia propelling us into the next wave of digital finance.

Job Description: Senior Technology Risk Analyst

Were looking for a Senior Technology Risk Analyst to join our team. This role sits within the Second Line of Defense (SLOD) and is responsible for the day-to-day identification assessment oversight and monitoring of technology-related risks across the organisations IT infrastructure/cloud systems and digital operations. The role serves as a trusted advisor to technology and business stakeholders and provides independent risk oversight to ensure effective management of technology and cybersecurity risks.

The Senior Technology Risk Analyst will provide subject matter expertise and play a proactive and hands-on role in identifying assessing and driving timely and risk-prioritised remediation of security vulnerabilities across internal systems third-party/SaaS applications and processes. You will partner closely with IT Engineering and Business teams to ensure timely resolution of identified risks strengthen control effectiveness and promote a culture of security and risk awareness across the organisation.

This role supports the organizations Risk Assessment & Monitoring IT Controls & Compliance Governance & Reporting Vulnerability Management and Business Continuity efforts ensuring alignment with regulatory legal and business requirements. The ideal candidate will have a strong understanding of technology risk challenges within FinTech or regulated financial services and will collaborate closely with IT Compliance Legal and Business teams to ensure robust risk management practices and regulatory compliance.

1. Risk Assessment & Monitoring

• Lead and independently conduct technology risk assessments across IT systems applications cloud environments and third-party vendors.
• Support the identification documentation and ongoing oversight of technology risks in the risk register.
• Establish monitor and analyse technology risk indicators emerging threats and control weaknesses escalating material concerns to senior management and governance committees.
• Contribute to periodic risk reporting for internal stakeholders and governance committees.

• Lead reviews and assessments of IT general controls (ITGCs) including access management change management logging and monitoring and data backup and resilience controls.
• Provide subject matter expertise on regulatory and industry requirements such as MAS TRM guidelines AU Cybersecurity Policy BNMs Tech Risk Policy ISO 27001 NIST SOC 2 etc.
• Help maintain documentation of control evidence exceptions and remediation actions.
• Participate in internal and external audits by collating required evidence and liaising with various teams.

• Provide second-line oversight of vulnerability management activities including assessment of remediation prioritisation patch management effectiveness penetration testing results and exception management.
• Review and challenge remediation plans for high-risk vulnerabilities and technology control deficiencies.
• Support the Technology Risk team during cyber incident investigations root cause analyses and post-incident reviews ensuring lessons learned and control improvements are implemented.

• Prepare risk dashboards and status updates for review by senior stakeholders.
• Support the development and maintenance of technology risk frameworks policies standards and methodologies.
• Drive security and risk awareness initiatives across the organisation and provide guidance to business and technology stakeholders with a focus on risks and real-world threats.
• Maintain and update team documentation policies and standard operating procedures (SOPs).
• Lead technology due diligence reviews and third-party risk assessments for vendors outsourcing arrangements and critical service providers.

• Provide oversight and challenge Business Continuity and Cybersecurity drills ensuring identified gaps are tracked to closure.
• Provide security guidance during system changes deployments and operational updates.
• Act as a security point of contact for day-to-day operational questions from business and technology teams.

• Bachelors degree in Computer Science Information Technology Risk Management or related field.
• 5-10 years of experience in IT risk IT Audit cybersecurity or technology audit preferably with banking financial services fintech or similar industry.
• Strong understanding of IT infrastructure/environment concepts: networks cloud databases operating systems and security principles.
• Strong working Knowledge of security frameworks and standards (ISO 27001 PCI DSS NIST CIS).
• Ability to independently assess complex technology risks and provide pragmatic risk-based recommendations.
• Experience with risk assessment tools and methodologies.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent communication and stakeholder management abilities.
• Strong sense of ownership and accountability.
• Ability to balance security needs with business realities.
• Ability to prioritize and manage multiple security issues simultaneously.
• Clear communicator with the ability to work cross-functionally with technical and non-technical teams.
• Relevant professional industry certifications (e.g. CISA CISM CIPP/E CRISC) are strongly preferred.

If you are interested in this position click Apply Now or please send your resume to quoting Senior Technology Risk Analyst (IND) in the subject header.

Required Experience:

Senior IC