The Risk and Audit Manager
- Permanent, Full time
- Bank Of America / Merrill Lynch
- 16 Jan 17
The Risk and Audit Manager - Networks is part of the Risk and Audit function team and is responsible for the promotion and governance control of technology-related risk management and information security activities undertaken within TE&O Asia. This includes participation in the creation of policies and the execution of processes undertaken to ensure compliance with these policies. Reporting to the TE&O Asia COO & Head of Business Operations, the Risk & Audit Manager will maintain and improve technology-related risk management governance and practices within TE&O.
Risk and Audit - Networks:
• Responsible for the Risk and Audit governance function for TE&O Asia and lead any regulatory engagements for TE&O Asia.
• Own the overall responses for TE&O Asia and validate that they are appropriate, meet the needs of internal and external stakeholders, and best represent TE&O Asia.
• Represent TE&O Asia in SIAI, CMS, AIT, Audit and various risk governance forums to facilitate risk mitigation and timeliness of corrective actions.
• Work with TE&O Asia Executive and Network Services executive for in-country regulatory audits and provide representation in meetings with CTO Asia Risk Forums.
• Governance oversight to ensure TE&O Asia meets compliance requirements for Business Continuity Testing and Application/Service Management.
• Review and drive remediation activities and work under the vulnerability assessment program.
• Responsible for maintaining rapport and relationships with internal control functions.
• Manage and track SIAI, CMS, AIT, Audit issues to ensure appropriate actions are taken to mitigate risks and ensure compliance with external (regulatory) and internal (BCMR and Audit) requirements.
• Drive internal audit programs and initiatives with respective service and process owners within TE&O Asia and CTO leads.
• Participate in regional audit activities (risk identification, analysis, submission, assessments, remediation, tollgates, RLOB, etc.).
• Organize and lead process mapping and risk and control identification sessions with product towers to support development, and periodic confirmation of the adequacy of risk management process.
• Evaluate and continually improve effectiveness and efficiency of risk management processes and internal control.
• Partner with associates to drive a culture of risk awareness and proactive risk identification and assessment within TE&O Asia.
• University degree (Bachelor or Honors), preferably with a technical background.
• ITIL (Foundation) and COBIT certification.
• Has good knowledge of applicable risk management practices required to create a culture of risk management compliance for TE&O Asia. Identifies, assesses, and monitors applicable risks based on risk management policies and procedures.
• Teamwork and strong communication skills (both written and verbal).
• Exhibits best practice risk management skills through effective internal risk controls, risk monitoring, risk assessment and improvement of risk management processes.
• Good understanding of technology infrastructure platforms with a focus in network and security technology and products.
• Motivated, with a high ability to adapt to change and new environments; flexible and open-minded.
• Ability to be decisive and committed to accomplishing tasks.
• Proven experience in facilitating process improvement.
• Ability to work in a matrixed environment, provide oversight and directly influence change.
• Strong ability to collaborate with business and functional experts to provide risk assessment guidance and direction, and to recognize risks, control gaps and design enhancements.
• Strong organizational, project management, and multi-tasking skills with demonstrated ability to manage expectations and deliver results.
• High level of professionalism, self-motivated, flexible with the ability to meet deadlines, and work on own initiative.
• Strong decision making, analytical and creative thinking skills.
• Proven ability to build strong partnerships with key stakeholders.
• Strong computer skills; proficiency in Microsoft applications (MS Visio, MS Excel, MS PowerPoint, MS Word, MS Outlook), knowledge of MS SharePoint is a plus.
• Strong academic background (MBA or above preferred).
• CCNA, CISA and CISSP certification would be a plus.
• A minimum of 10 years of work experience in a multi-national corporation with at least 6+ years working in a financial services environment.
• Preference given to those who have the ability to represent the team in engaging with internal audit and compliance teams, enforcing a culture of risk management while considering the needs of the business.
• Preference given to those who are motivated, energetic, detail-oriented, organized, articulate, willing to take responsibility, and comfortable speaking and responding to concerns and questions regarding each of the areas within their responsibility.
• Proven track record of chairing/leading large and/or virtual teams/meetings and executive/ management committees with effective results.
• Report writing skills and PowerPoint presentation skills are desired.
Posting Date: 12/01/2017
Full / Part-time: Full time
Hours Per Week: 36.25