Technology Risk & Compliance Manager

About the role

Longbridge, an AI‑driven online brokerage based in Singapore, is seeking a Technology Risk & Compliance Manager to lead technology risk governance and regulatory compliance for its Singapore operations. The role will serve as the primary liaison with the Monetary Authority of Singapore (MAS) on technology risk management and cybersecurity matters.

Key responsibilities

• Lead regulatory engagements related to MAS Technology Risk Management (TRM), Cyber Hygiene, operational resilience, and cybersecurity reviews.
• Manage responses to MAS inspections, self‑assessments, thematic reviews, and regulatory questionnaires.
• Interpret and implement MAS regulatory requirements, including MAS TRM Guidelines, MAS Notice on Cyber Hygiene, MAS Outsourcing Guidelines, and MAS Notices 644/655.
• Collaborate with Engineering, Infrastructure, Cybersecurity, Compliance, Legal, and business teams to implement remediation and strengthen technology controls.
• Develop and maintain technology governance frameworks, policies, and procedures such as Information Security, Incident Response, Business Continuity Management, Outsourcing Risk Management, and Cloud Governance.
• Coordinate technology incident escalation and regulatory reporting to MAS.
• Conduct technology and cybersecurity risk assessments for third‑party vendors and cloud providers.
• Support internal audit reviews and external assurance programs, including SOC2 and ISO27001 assessments.
• Provide regular reporting to senior management on technology risk posture and remediation progress.

Required profile

• Bachelor’s degree in Information Security, Computer Science, Information Systems, Risk Management, or a related discipline.
• 5–8+ years of experience in Technology Risk, IT Risk Management, Cybersecurity Governance, Technology Compliance, IT Audit, or Operational Risk within securities brokerages, investment banks, FinTech firms, asset management, or digital asset platforms.
• Prior Big 4 advisory or consulting experience.
• Strong understanding of SFC and/or MAS technology risk and cybersecurity regulatory frameworks.
• Hands‑on experience supporting regulatory inspections, audits, remediation programs, or control‑enhancement initiatives.
• Good understanding of core technology control domains such as Identity & Access Management, Change Management, and Vulnerability Management.

Required skills

• Identity & Access Management
• Change Management
• Vulnerability Management
• Cloud Governance