Outline of the Role:
Review and challenge the figures and information reported in the IT risk dashboard submitted by IT for completeness and accuracy. Responsible for designing, implmenting and monitoring the effective risk framework for technology related risks.
A relevant tertiary qualification
3+ years of experience in Technology Risk Management
8+ years in IT / IT Security / IT Audit
Relevant professional certification is preferred (e.g. CSX, CISA, CISM, CRISC, CGEIT, CISSP, CCSP)
Technical and Specialist Skills:
Strong knowledge of IT infrastructure components including software (Operating System, Application and Database), hardware (Server, Firewall, Switch and Router) and IT Security components
Knowledge of Technology Risk Management practices, fundamentals and frameworks in Asia Region
Knowledge of information security concepts, practices and tools
Understanding Systems development practices, lifecycle management and Systems Testing
Understanding of IT Governance within an organisation including its components, benefits and practices
Experience in handling Asia regulatory (e.g. MAS, HKMA, RBI, CBIRC) requirements and compliance based initiatives including reporting
Knowledge of IT Outsourcing (risks, controls, monitoring), Cloud Computing and related regulatory issues
Experience in assessing residual technology risks related to Business Continuity Planning (BIA, RTO, DRP etc)
If you are interested in applying for this role, or having a conversation about other positions then please apply below or contact me for more information.