Apply now »

Assistant Vice President, Regional Technology Risk Manager

Date:  Nov 2, 2024
Location: 

Singapore

Office Location: 

 

 

The Role

As a member of the Technology Risk Team, you will be collaborating with various stakeholders within SMBC Technology teams, regional branches, Risk Department or Legal/Compliance to manage technology related risks as well as participating in IT Governance, Risk and Compliance (GRC) activities within the region.

Job Responsibilities

  • Oversee IT GRC activities within APAC branches such as collating risk reports, supporting branches audits, reviewing Risk acceptance requests.
  • Manage or support regulatory compliance effort within the region, e.g., MAS Cyber Hygiene or RMiT gap analysis, follow up on questionnaires and Circulars etc.
  • Function as a consultant/advisor on risk & control or regulatory matters to technology units, as well as working with them to resolve technology risk issues.
  • Coordinate and facilitate the control self-assessment activities, including conducting independent control testing where necessary or reviewing appropriateness of control descriptions.
  • Offer effective 1LOD challenge to technology units on risk remediation priorities and provide risk opinion, advisories & recommendations to IT management and 2LOD.
  • Support 2LOD in risk governance activities, e.g., establish KRIs and Technology Management Framework as well as monitoring/reporting of KRIs.
  • Maintain and upkeep IT policies and processes owned by the team.

 

Job Requirements

  • Master’s or bachelor’s degree in a technical discipline preferably in Computer Science/Engineering or equivalent.
  • Min. 5 years of working experience with min. 3 years in risk & control or audit function in the financial industry.
  • Ability to identify risks and assess adequacy of controls as well as recommending suitable control enhancements.
  • Good appreciation of cyber risk management strategies/controls in the industry
  • Excellent communication, presentation, and interpersonal skills and able to manage stakeholders across multiple disciplines.
  • Prior experience in delivering security awareness training within the organization.
  • Strong critical thinker with the vision to work both tactically and strategically.
  • Candidates with CISSP or CISM certification is preferred.
  • Experienced candidate would be considered for a senior role.
  • Work location: One@ChangiCity

Apply now »