Assistant Director / Senior Manager, Governance Risk & Compliance (GRC) Solution, Business and Data Architect

  • Job Category
    Public / Civil Service
  • Contract type

Job Description

The Government Technology Agency (GovTech) aims to transform the delivery of Government digital services by taking an outside-in" view, putting citizens and businesses at the heart of everything we do. We also develop the Smart Nation infrastructure and applications, and facilitate collaboration with citizens and businesses to co-develop technologies.

Join us as we support Singapore’s vision of building a Smart Nation - a nation of possibilities empowered through info-communications technology and related engineering.



Your primary focus will be to lead the Business and Data architecture for the Whole Of Government (WOG) Digitalized Governance Platform to level up ICT&SS governance capability consistently across WOG and to achieve economies of scale and cost-efficiency. You will be responsible for the end-to-end Business and Data architecture for the WOG Digitalized Governance Platform and ensures the detailed design and development is aligned with the Concept of Operations for WOG and Agencies’ ICT&SS Governance.  


Success in this role will be demonstrated by your strong business, data analytics aptitude and ability to communicate in an effective and efficient manner to develop and deliver solutions for managing the technology risk including cybersecurity, data security, data privacy, system resiliency, ICT&SS modern software development etc. through policies and controls, risk assessments, and issues and exception management. 


What to Expect:
•    Provide business and data expertise and contribute to establishing the direction for the IT architecture, standards, design and implementation approaches for the WOG Digitalized Governance Platform
•    Evaluates plans and design proposals for high impact IT solutions 
•    Translate business and data requirements, including application resiliency requirements, into application and data architectural specifications 
•    Provide business and data architecture reviews on change requests into production environment 
•    Drive high-profile and high-impact projects involving complex GRC and risk management challenges.
•    Perform gap assessments between ICT Audit, Governance, security and risk leading practice frameworks and WOG and Agencies’ risk and control frameworks and advise on remediating gaps.
•    Design and establish or transform Enterprise and Technology risk management, governance, and compliance programs based on WOG and Agencies’ business structures, strategies, and priorities.
•    Advise on, develop, and implement processes around risk identification, assessment, and remediation, including issues management, exception management, vendor risk management policy management, and security incident and vulnerability response.
•    Collaborate and lead meetings with diverse high-level stakeholders, including Ministry Family and Agency business and IT management, IT operations, system architects, security professionals, and business leads.
•    Develop training materials and other communications to increase WOG and Agency users’ understanding and awareness of technology risk and issues.
•    Communicate GRC technology capabilities into business terms for senior management stakeholders.

How to Succeed:
•    Min 10 years of design/implementation/consulting experience with distributed applications - must have a minimum of 3 years hands-on experience as a Business, Data lead and system architect (i.e. Data model design, performance tuning, and system prototyping & maintenance), preferably with experience in implementing and deploying large-scale Technology Governance, Risk and Compliance products/solutions.
•    Experience designing and implementing .Net and/or J2EE applications. Must possess excellent data visualization, data modelling and SQL skills.
•    Experience integrating GRC platforms with other security tools
•    Experience with security and risk frameworks (e.g. NIST Cybersecurity Framework, ISO 27001, ISO 31000, NIST 800-53, NIST 800-30, and/or PCI))
•    Management consulting and Agile software delivery methodology experience
•    Competencies in Archer version 6.x (the current version 6.6), preferably with Archer functional certification
o    Data Feeds
o    On Demand Applications
o    Advanced Workflow
o    Data Driven Events
o    Record Permissions
o    Archer Control Panel
o    Notifications
o    Workspaces, Dashboards, iViews, Reports
o    Questionnaires
o    Application Builder
•    Strong interest in IT risk, data privacy, cyber security, emerging technologies, and related topics
•    Team player with strong organization and people handling skills
•    Strong in writing, presentation and stakeholder management




Closing on 31 Dec 2021