IT Security & Governance Analyst

IT Risk Management Team | Singapore

About us

Endowus is Asia’s leading fee-only digital wealth platform. Headquartered in Singapore, we are the first digital advisor to span both private wealth and public pension savings (CPF & SRS), helping all investors grow their money with expert advice, institutional access to financial solutions, low & fair fees, and a delightful personalised digital wealth experience. 

Our clients entrust us with a responsibility that goes far beyond technology or financial markets - they entrust us with their wealth - their livelihoods and ambitions of a better future for themselves and their loved ones. Our mission is clear: help people invest better so they can live easier today, and better tomorrow.

The people you will work with

The team has deep domain knowledge in finance and technology, bringing together decades of experience at Goldman Sachs, Morgan Stanley, UBS, Credit Suisse, The Blackstone Group, AQR, Grab, Dropbox, Lyft, Redmart, Carousell, Bytedance, Grab, Kakao, Alibaba, and more. See our leadership team here. We practise inclusion and treasure our diversity in background and experience. A diverse team is our biggest asset and we look for people who share our belief in Endowus' clear mission.

Investors, recognition, licensing

Endowus is backed by global leading strategic and venture capital investors including UBS, Samsung Ventures, EDBI, Prosus Ventures, ZVC, Singtel Innov8, Lightspeed Venture Partners, and SoftBank Ventures Asia.

Endowus has been recognised by the industry with the following awards: Singapore’s Rising Star and Fintech Innovation (Asia Asset Management’s Best of the Best Awards 2021), LinkedIn Top Start-ups 2021, WealthTech of the Year (Asia FinTech Awards 2021), and the top 15 Singapore’s Best Workplaces Award (Great Place to Work).

Endowus is licensed by the Monetary Authority of Singapore (MAS).

About this team

Being part of Endowus’s Technology Risk Management Team, you will help establish and maintain IT risk management policies to achieve compliance and risk oversight.
We are looking for an IT Security Risk Analyst who thrives in a fast-paced environment and enjoys driving innovation through IT transformation and risk management solutions.
You will need to manage, implement and lead the documentation process for IT risk controls and also, identify and remediate potential risks and security gaps through close collaboration with risk owners.
You will support the Senior IT Risk Manager with IT audits and inspections. Plan and manage remediation projects from any potential security findings. Being Endowus’s second line of defense, you will be responsible for performing checks on existing controls for IT security and risk assurance

About this role; responsibilities & ownership

  • Establish and maintenance of IT risk management policies to achieve compliance and risk oversight
  • Manage and implement controls upon processes
  • Lead the fieldwork and documentation process for IT Risk controls
  • Close collaboration with risk owners to improve policies and processes
  • Coordinate and support in annual disaster recovery tests
  • Support Senior IT Risk Manager with IT audits and inspections
  • Lead outsourcing due diligence efforts
  • Perform checks on existing controls for IT Risk assurance 
  • Identify risks through change in technology and drive initiatives on potential gaps
  • Lead efforts fostering strong IT risk culture and awareness within the organisation

Requirements & qualifications

  • Degree in Information Security, Computer Engineering, Information Systems, Computer Science or equivalent 
  • Experience in IT Audit or deep knowledge of MAS’s Technology Risk Management Guidelines (TRMG)
  • Strong communication, written, and interpersonal skills
  • High level of integrity and responsibility
  • Self-driven, has a strong sense of ownership and able to work and learn independently
  • Fresh graduates who are highly passionate about Technology Risk Management are also welcomed to apply

Nice to haves

  • Experience in IT Service Desk / IT Administration
  • Experience in leading IT transformation projects
  • Experience working in a regulated industry
  • Knowledge of IT best practices
  • Ability to identify and mitigate security risks 
  • Information systems certification (e.g. CISA, CISM)

Benefits & perks

  • Stock options in a fast growing company *
  • Employee discount for investing at Endowus
  • Flexible working hours and locations so you can live life and your best work - you are trusted to be responsible
  • Competitive Staff Benefits; Annual Leave, Medical insurance, Dental *
  • Productivity Equipment; Omnidesk Standing Desk & Ergonomic Chairs, Dell UltraSharp USB Type-C Monitor, high-end computer peripherals
  • Choice of Apple or PC equipment
  • Additional S$250 /HKD 1450 budget for your favourite hardware to boost productivity *
Note: * is only applicable to Full-Time employees

How to apply
Everyone can be an Endowus client. If you are not yet a client, please create an account to understand our services and technology, and can see if our mission is something that aligns with your personal beliefs. We value your feedback on our product and will ask you for your insights throughout the interview process. 
  • Email subject: [Role you are applying for], [Your name]
  • Attach your CV
  • Content portfolio — Original content creation (English and Traditional Chinese), translation (English to Traditional Chinese), any marketing/social media samples
  • Cover letter in body of your email
  • Desired salary/package
  • Notice period (if any)
  • Current location
  • Visa assistance for role location? (Y/N)