Technology Regulatory Risk Analyst

  • Competitive
  • Hong Kong
  • Permanent, Full time
  • Morgan Stanley
  • 29 Sep 16

See job description for details

The Technology & Information Risk department is seeking an experienced Technology Risk professional to join a small, global team responsible for managing responses to regulatory, audit, and client requests and monitoring resolution of regulatory and audit findings. This includes coordinating technology-related regulatory examinations as well as ad hoc requests for information and meetings.

The Regulatory, Audit, and Client Engagement Team fulfills the following responsibilities for the Technology & Data organization:
- provides transparency to Technology & Data Senior Management about the status of:
- fulfilling all technology-related requests received globally
- progress with remediating regulatory and audit findings
- ensure responses to technology-related requests are fulfilled efficiently, consistently, accurately, and timely
- maintains an archive of responses to technology-related requests
- facilitates timely closure of technology-related regulatory and audit findings by advising on remediation plan development and execution

This position requires regular interaction with senior managers and organizational partners including Compliance, Legal, and Internal Audit

Responsibilities
- Analyze requests to define the response required, establish response deadlines, and identify impacted technology personnel that will supply and approve the response content
- Mobilize the response effort by notifying impacted personnel and scheduling response preparation meetings
- Serve as a subject matter expert on technology risk management processes and associated regulatory requirements
- Collaborate with personnel tasked with preparing responses to technology-related requests to ensure the common goal of an accurate and timely response
- Collect responses and review them to ensure they are responsive to the request
- Liaise with owners of regulatory and audit findings providing advice throughout the finding lifecycle including remediation plan development, execution, and closure.
- Maintain the archive of responses to technology-related requests
- Prepare status reports for technology-related requests that will be used in Technology & Data Senior Management regular reporting*L1-KW1

Qualifications:

Skills Required
- Sound knowledge of Asia financial market laws and regulations impacting technology risk management processes including technology governance, information security, business continuity planning, systems development, project management and supplier management.
- Sound understanding of risk assessment methodologies, internal controls and industry technology risk management frameworks such as ITIL, CobiT, and ISO 27001
- Strong analytical skills required to enable independent research and accurate assessments of adherence to regulatory requirements
- Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.
- Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization. Excellent influencing and negotiation skills.
- Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience
- Fluent English is essential for this position.

Skills Desired
- Successful track-record of regulatory response coordination
- Technology audit background in a highly complex financial institution
- Industry Certification such as CISA, CISSP, CISM, CRISC
- Solid understanding IT/Cyber Security tools & practices