Job Responsibilities:
- To operationalize the Technology Risk Management framework (governance and compliance framework, risk identification/monitoring/reporting, policies, procedures, standards) in the 2nd Line of Defence
- To design, determine and establish KRIs, review and challenge the effectiveness of risk controls in the 1st Line of Defence and implement best risk management practices (e.g. stress tests, due diligence for third-party service providers/outsourcing)
- To drive timely completion of technology risk deliverables and resolution of key risk issues
- To perform assessments of technology risk trends, communicate technical concepts to non-technical audiences and provide advice as a Subject Matter Expert (e.g. for new product applications, adoption of new systems, technology)
- To cultivate and promote a strong technology risk culture
Requirements:
- Degree in IT, Computing, Computer Science/Engineering or Information Systems
- Good knowledge of technology risk requirements and industry standards such as MAS TRM, ITIL, SAS, NIST, ISO27001/2
- Minimum 5 years' experience in Technology Risk Management, Information Security, IT Audit/Compliance in banking
- Professional certification such as CISSP, CISA, CISM, CRISC is an advantage
- Ability to perform gap analysis of IT policies and processes against new regulatory requirements and guidelines
- Self-starter and a critical thinker
- Proactive, resourceful and able to think and act strategically and tactically
- Able to multi-task and work independently under tight timelines
- Strong oral and written communication skills
- Strong stakeholder management skills
- Culturally sensitive