AVP - Technology Risk Manager

Headquartered in Tokyo, Sumitomo Mitsui Banking Corporation (SMBC) is a leading global financial institution and a core member of Sumitomo Mitsui Financial Group (SMBC Group). Built upon our rich Japanese heritage since 1876, we put our customers first and provide seamless access to, from and within the Asia Pacific region.   SMBC is one of the largest Japanese banks by assets and maintain strong credit ratings across our global integrated network.  We work closely as one SMBC Group to offer personal, corporate and investment banking services to meet the needs of our customers.

With sustainability embedded within our strategy and operations, we are committed to creating a society in which today’s generation can enjoy economic prosperity and well-being, and pass it on to future generations.

Sumitomo Mitsui Banking Corporation Malaysia Berhad - SMBCMY

JOB SUMMARY 

As Technology Risk Manager for Technology Governance Services, responsible to ensure compliance on IT related regulatory and Head Office policies and provide IT risk advisory to IT department. This role reports to the Head of Technology Governance Services

KEY RESPONSIBILITIES

Specific core responsibilities include the following:

1. Technology Risk Management

1. Conduct regular risk assessments of technology systems and processes to identify vulnerabilities and potential threats.
2. Perform assessment and gap analysis on IT related regulatory and internal policy to ensure compliance.
3. Provide advisory on IT risk matters and assist in the development and implementation of technology risk management policies and procedures in alignment with regulatory, Head Office and Regional Office requirements.
4. Monitor compliance with established technology risk policies and regulations, ensuring adherence across all departments.
5. Support the incident response team during technology-related risk incidents, providing insights on risk impacts and recovery strategies.
6. Instilling awareness and providing support on delivering training programs to promote awareness of technology risk management practices among staff.
7. Prepare and present regular reports on technology risk findings, trends, and recommendations to senior management and stakeholders.
8. Work closely with IT, cybersecurity, and business units to ensure a unified approach to technology risk management.
9. Identify and recommend risk mitigation strategies to reduce technology risk, vulnerabilities and enhance overall security posture.
10. Liaise with regulatory bodies and internal audit teams to facilitate assessments and ensure compliance with regulatory expectations.
11. Establish and aligning IT policies and processes with Regional Office
12. Communicate and engage process owners to establish a suitable improvements/remediation plans

2. Other Department Activities

1. Supporting in audit engagement
2. Track and manage IT audit issues until closures.
3. Seeks to automate processes and controls to reduce manual tasks and improve quality of audit evidence.
4. Proactively support the department assignments
5. Participate in continuous improvement efforts by staying updated on industry best practices and emerging technology risks.

JOB REQUIREMENTS