Job Description

Job Responsibilities: Develop / review core IT & Cyber Risk management framework and policies for consistent and synergetic implementation across the Group. Establish and develop new IT and cyber risk metrics and indicators. Identify emerging IT and cyber risks and trends. Perform IT risk reviews, risk assessment on IT/Cyber related incidents, gap analysis to assess IT and cybersecurity risks. Implement monitoring tools to proactively mitigate IT and cybersecurity related risks. Provide consultative advice, guidance and training on IT and cybersecurity related risks and issues including internal and regulatory guidelines, ongoing IT concerns and BCM/DRP initiatives. Participate in IT projects and initiatives to assist in managing the IT and cyber risk profiles. Reporting to management and board level committees on IT and cyber risk related matters. Any additional ad hoc activities assigned by management from time to time Job Requirements: Knowledge in IT infrastructure processes and standards Knowledge in IT governance, risk and compliance processes and requirements Certification in IT disciplines (e.g. ISMS, COBIT, CRISC, CISSP, CISA, etc) is an added advantage. Technical skills in security and other related disciplines (e.g. 6-Sigma). At least 5 years of working experience in Technology Risk under Group Risk Management in banking industry Having experience in Production Management / Project Management / IT Data Centre operations and management and/or Application Development is an added advantage Degree in computer studies and/or sufficient number of years working in the bank/group.

foundit