Senior Technology Risk Management Manager

Senior Technology Risk Management Manager

The Senior Technology Risk Management (TRM) Manager will be responsible to assist the TRM Director to deliver the technology risk management framework and the establishment of the regular review and assurance process in enhancing the risk control environment for Local Business Unit (LBU) and internal security and privacy functions. The scope of TRM covers IT controls, information risk management, vendor management on technology vendor and cybersecurity. Besides, this role will conduct risk control review and support the Group-wide Information Security and Privacy team (GwISP) team in driving group wide initiatives e.g. annual attestation exercise and control automation project.

• Ensure the formation of the Technology Risk Management framework and the successful rollout to LBUs and internal security team.
• Ensure the formation of the Technology risk appetite and key risk metrics for management oversight and the escalation to the risk committee
• Regular review the LBU risk register to identify the potential risk area and notify other LBUs of these potential risks.
• Regular review the LBU risk register to ensure the risk rating, treatment plan and target completion date are able to reduce/mitigate the risk on reasonable basis.
• Perform 2nd line deep dives review of potential material control breakdown that may be triggered by incident, audit finding, external events.
• Participate in the LBU risk committee to ensure in-depth discussion of relevant technology risk impacting the LBU.
• Support BISO and Technology Risk Management in reviewing the technology risk paper related to information security and privacy topics, for LBU risk committee consumption.
• Work closely with internal operational risk team to ensure proper risk management practices at the LBU by following the Operational Risk Policy and Standard.

Requirements:

• Minimum 7 years of working experience in IT Risk Governance and/or Information Security practices or equivalent.
• Strong ability to use data to tell a story
• Good understanding of the risk control expectation from senior stakeholders' point of view
• Strong technical skills and good understanding of technologies that support technology risk management, information security and data privacy risk management
• Experience with cloud risk assessment, third parties risk management and resilience management.
• Experience in working in matrix organization
• Excellent cross-group and interpersonal skills, with the ability to articulate business need for detection improvements
• Strong written and verbal communication skills to command respect with gravitas and engage a variety of large audiences, internally and externally

Important note:

• We regret that only shortlisted candidates will be notified.
• Only Singaporeans

Interested parties please click "Apply Now" or contact Jerry Qiu (EA Reg. No. R1219180) on +65 6429 1246 for more information.

Chandler Macleod is a brand of Peoplebank Singapore Pte Ltd EA Licence: 08C5248