Job description
Role and Responsibilities
• Collaborate with various T&O technology teams in the maintenance of effective internal controls;
• Liaise with the Group Audit, Group Legal and Compliance and T&O ORM teams on a regular basis;
• Support team lead to manage internal/external audit engagements;
• Raise issues/concerns, and provide constructive advice to the management so that significant IT risk and control issues are escalated and resolved properly;
• Execute risk assessments and perform controls testing to ensure their effectiveness;
• Track process improvements and issues corrective actions to ensure timely closure;
• Work closely with stakeholders and security teams to mitigate/resolve reported security vulnerabilities
• Provide support and review on the privilege ID usage and conduct review to ensure adherence to access controls standards, including investigate on reported exceptions
• Perform data analysis or procedure reviews to ensure compliance to the bank security standards;
• Work with internal stakeholders and vendor to review and streamline the work processes of the bank and vendors
• Liaise with the Group Audit, Group Legal and Compliance and T&O ORM teams on a regular basis;
• Support team lead to manage internal/external audit engagements;
• Raise issues/concerns, and provide constructive advice to the management so that significant IT risk and control issues are escalated and resolved properly;
• Execute risk assessments and perform controls testing to ensure their effectiveness;
• Track process improvements and issues corrective actions to ensure timely closure;
• Work closely with stakeholders and security teams to mitigate/resolve reported security vulnerabilities
• Provide support and review on the privilege ID usage and conduct review to ensure adherence to access controls standards, including investigate on reported exceptions
• Perform data analysis or procedure reviews to ensure compliance to the bank security standards;
• Work with internal stakeholders and vendor to review and streamline the work processes of the bank and vendors
Candidate Requirements
• Minimum a degree in Information Technology, Engineering or related discipline
• More than 10 years of working experience in Risk Management within IT.
• Experience in IT audit, Cloud Security will be an advantage
• Good understanding of Secure Software Development Life Cycle, Threat and Vulnerabilities Assessment, Agile Methodology and IT General Controls
• Good understanding of technology and operational risks, regulatory requirements
• Strong communication, interpersonal and written skills
• Able to work independently with minimal supervision and with a positive attitude
• Willing to learn and take new challenges with an open-mind.
R22104464
EA: 19C9859
