IT Risk Officer
Job Requirement:
• Support the rollout of IT risk management strategy, framework and standard(s) in Asia
• Manage day-to-day IT risk management activities in Asia, including:
o Maintenance of the central risk register
o Tracking of risk mitigation plans
o Follow-up on risk remediation and/or mitigation plans
• Responsible for preparation of risk reporting to IT Risk Management Forum as well as Operational Risk Committees
• Perform regulatory (MAS and HKMA) and security-related assessments, review technical control effectiveness, identify gaps and follow up on actions
• Perform and execute internal control plans
• Review application security concept design as part of project implementations
• Work with external and internal audit to facilitate fieldwork and tracking of IT-related audit items
• Handle routine security-related tasks, e.g. password management, review of requests
• Drive a positive risk culture through training, communication and collaboration
• Prepare materials for periodic IT Risk Awareness trainings
KEY FEATURES OF THE POSITION
IT Risk Management
• Maintain the central risk register for Asia
• Support and assist risk owners to develop risk mitigation/remediation strategies for High, Medium and Low risk items
• Maintain oversight of risk mitigation/remediation plans of High, Medium and Low risk items
• Work closely with IT Project Managers to identify, mitigate and treat residual risks arising from projects
• Collaborate with Information Security function to support implementation and/or mitigation of Cyber risks
• Prepare risk reporting materials to be presented at IT Risk Management Forum and Operational Risk Committees
• Perform internal control validations and highlight exceptions for remediation
• Track, monitor and report on status of controls
• Provide IT risk awareness trainings
• Support IT teams in responding to external and internal audit queries. Review audit reports and provide audit responses
• Track audit remediation plans to ensure timely and proper closure of IT audit points
Client Management (internal & external)
• Various IT functions, both regionally and globally
• Operational risk (CRO)
• Local Legal and Compliance functions
Business Management
• Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
• CRO functions – including Business Operational Risk, Information Security and Compliance functions
• Global functions – IT Risk Management, Information Security
Thanks, and Best Regards
Karanam Vijaya Kiran
(EA Registration no: R1443178)
Recruitment Manager
Hand Phone: +65 92333815
Helius Technologies Pte Ltd (EA Licence No: 11C3373)