Regional Technology Risk Manager

Posted 17 August 2023
Salary 80-130K
Job type Permanent
DisciplineTechnology
Reference50690
ContactJK Lee

Job description

Are you a skilled and passionate professional looking to make an impact in the realm of technology risk management? We have an exciting opportunity for a Technology Risk Manager to join our client's dedicated Technology Risk Team. As a pivotal member of the team, you will collaborate closely with various stakeholders across the Technology teams, regional branches, Risk Department, and Legal/Compliance units.

About our client: Our client is a leading international bank with a regional HQ in Singapore. Cover the operations and make crucial decisions for the banking branches in ASEAN.

Responsibilities:

  • Lead IT GRC activities in APAC branches, including collating risk reports, supporting branch audits, and reviewing risk acceptance requests.
  • Spearheaded regulatory compliance efforts in the region, such as conducting MAS Cyber Hygiene or RMiT gap analyses, managing questionnaires, and addressing Circulars.
  • Serve as a trusted consultant and advisor on risk, control, and regulatory matters to technology units, offering guidance to resolve technology risk challenges.
  • Coordinate and facilitate control self-assessment activities, conducting independent control testing where necessary, and assessing control descriptions.
  • Provide compelling 1st Line of Defense (1LOD) challenge to technology units regarding risk remediation priorities, offering well-informed risk opinions, advisories, and recommendations to IT management and 2nd Line of Defense (2LOD).
  • Collaborate with 2LOD in risk governance activities, including establishing Key Risk Indicators (KRIs), crafting the Technology Management Framework, and diligently monitoring/reporting on KRIs.
  • Ensure the maintenance and accuracy of IT policies and processes owned by the team.

Requirements:

  • Hold a Master's or Bachelor's degree in a technical discipline, preferably in Computer Science/Engineering or equivalent.
  • Possess a minimum of 5 years of work experience, with at least 3 years in risk & control or audit functions within the financial industry.
  • Demonstrate the ability to identify risks, assess control adequacy, and recommend effective control enhancements.
  • Display a strong understanding of cyber risk management strategies and controls prevalent in the industry.
  • Exhibit exceptional communication, presentation, and interpersonal skills, capable of engaging stakeholders from diverse disciplines.
  • Prior experience in delivering impactful security awareness training within organizations is a plus.
  • Showcase critical thinking skills and the capacity to work both tactically and strategically.
  • Candidates with CISSP or CISM certification are strongly preferred.
  • Experienced candidates will be considered for a senior role, reflecting their depth of expertise.