Are you a skilled and passionate professional looking to make an impact in the realm of technology risk management? We have an exciting opportunity for a Technology Risk Manager to join our client's dedicated Technology Risk Team. As a pivotal member of the team, you will collaborate closely with various stakeholders across the Technology teams, regional branches, Risk Department, and Legal/Compliance units.
About our client: Our client is a leading international bank with a regional HQ in Singapore. Cover the operations and make crucial decisions for the banking branches in ASEAN.
- Lead IT GRC activities in APAC branches, including collating risk reports, supporting branch audits, and reviewing risk acceptance requests.
- Spearheaded regulatory compliance efforts in the region, such as conducting MAS Cyber Hygiene or RMiT gap analyses, managing questionnaires, and addressing Circulars.
- Serve as a trusted consultant and advisor on risk, control, and regulatory matters to technology units, offering guidance to resolve technology risk challenges.
- Coordinate and facilitate control self-assessment activities, conducting independent control testing where necessary, and assessing control descriptions.
- Provide compelling 1st Line of Defense (1LOD) challenge to technology units regarding risk remediation priorities, offering well-informed risk opinions, advisories, and recommendations to IT management and 2nd Line of Defense (2LOD).
- Collaborate with 2LOD in risk governance activities, including establishing Key Risk Indicators (KRIs), crafting the Technology Management Framework, and diligently monitoring/reporting on KRIs.
- Ensure the maintenance and accuracy of IT policies and processes owned by the team.
- Hold a Master's or Bachelor's degree in a technical discipline, preferably in Computer Science/Engineering or equivalent.
- Possess a minimum of 5 years of work experience, with at least 3 years in risk & control or audit functions within the financial industry.
- Demonstrate the ability to identify risks, assess control adequacy, and recommend effective control enhancements.
- Display a strong understanding of cyber risk management strategies and controls prevalent in the industry.
- Exhibit exceptional communication, presentation, and interpersonal skills, capable of engaging stakeholders from diverse disciplines.
- Prior experience in delivering impactful security awareness training within organizations is a plus.
- Showcase critical thinking skills and the capacity to work both tactically and strategically.
- Candidates with CISSP or CISM certification are strongly preferred.
- Experienced candidates will be considered for a senior role, reflecting their depth of expertise.