AVP-IT Compliance

Headquartered in Tokyo, Sumitomo Mitsui Banking Corporation (SMBC) is a leading global financial institution and a core member of Sumitomo Mitsui Financial Group (SMBC Group). Built upon our rich Japanese heritage since 1876, we put our customers first and provide seamless access to, from and within the Asia Pacific region.   SMBC is one of the largest Japanese banks by assets and maintain strong credit ratings across our global integrated network.  We work closely as one SMBC Group to offer personal, corporate and investment banking services to meet the needs of our customers.

With sustainability embedded within our strategy and operations, we are committed to creating a society in which today’s generation can enjoy economic prosperity and well-being, and pass it on to future generations.

• Should be able to understand and perform the complete full audit lifecycle including risk and control management and operation effectiveness.
• Proven ability of driving the closure of all non-compliances reported during assessments, Observations and Audit findings from Regulatory, Internal & External audits.
• Create compliance resource library for staff members for staff members to reference.
• Should be able to discuss, develop and implements clear strategies with department heads, & with executive stakeholders.
• Collate, track, remediate and report progress on all vulnerability assessment findings, security-driven projects by ISD, IAD or regulator, Server hardening observations etc.
• Set up a dashboard to present weekly progress made by Infrastructure team on hardening work being done.
• Mastermind the compliance Policies & Info security policies & Procedures on behalf of the organization.
• To oversee, coordinate & support the deployment of all risk management & compliance activities.
• Create compliance resource library for staff members for staff members to reference.
• Remain up to date on Regulatory laws and requirements & should be able to conduct gap analysis and controls mapping. Experience in policy writing is an added advantage.
• Spearheads all arenas of IT Operations for instance Change management, incident management etc to validate alignment & meet risk management business goals.
• Critically review asset management processes, manage renewal of EOL/EOS devices and support procurement of devices as per plan.
• The role-holder would also be responsible for contract management for all contracts within IT department, payments, accruals etc.
• Manage prioritization for resource and budget demands and adapt to changing priorities.
• Financial management: Management and control of IT budget to ensure new business initiatives, delivery and continuity of IT Services.
• Reporting: Providing meaningful and timely reporting, prepares routine IT reports (financial, production, Regulatory compliances etc).
• Responsible for governance and management of third-party suppliers & contracts.
• Candidate should keep good understanding of contract management, vendor management and should be able to track the entire lifecycle of the IT contracts.
• Excellent knowledge of Risk management methodologies and should be able to demonstrate ability to assess, mitigate and propose solutions to identified risks.
• Tracking of Non-personnel expense and investment budgets based on strategic plan for the year.
• Good hands experience in creating & presentation of the management reporting like Steering committee, Risk Committee etc.