IT Security and Risk Manager for a Financial Services Company
Responsibilities
Technology Risk Management
Execute the TRM and Compliance framework covering technology regulatory compliance
Identify and drive TRM initiatives in partnership with various units through the analysis of emerging risks and key risk trends across IT
IT Risk Assessment
Review IT outsourcing documents (e.g. IT risk assessment, Technology Questionnaire on Outsourcing)
Participate in IT project risk assessment
Facilitate and review the IT risk register
Identify risks proactively and perform risk assessments
Framework, Policies and Procedures
Work with the IT department in the creation, implementation and maintenance of frameworks, policies, standards and guidelines covering Technology Risk
Review the IT Disaster Recovery Plan
Others
Provide advisory services and expert advice on IT internal controls
Initiate, facilitate and promote ongoing education activities to create awareness of IT risk for all employees
Any other task assigned by the Head of Department
Requirements
Bachelor's degree in IT / Computer Science or equivalent
5 - 10 years of experience in IT Security or Technology Risk Management
Relevant experience in the financial industry (particularly the life insurance industry) is preferred
CISA / CISM / CISSP / CRISC certification or equivalent is preferred
Strong understanding of financial regulatory requirements (including, but not limited to, MAS TRM, Outsourcing guidelines, BCM guidelines)
Strong stakeholder engagement and management skills, with the ability to connect and communicate at all levels across the organization
Demonstrated experience in identifying, assessing and advising on technology risks
Ability to work collaboratively as part of a team within the risk management department, business units and support teams
Demonstrated ability to prioritize competing responsibilities, work under pressure, meet challenging deadlines, and build and maintain effective business relationships