VP, Technology Risk Management, RMG
Visualizza: 106
Giorno di aggiornamento: 05-11-2024
Località: Xinyi District Taipei City
Categoria: Garanzia di qualità / Controllo di qualità Alta tecnologia Meccanico / Tecnico Elettrico / Elettronico
Industria: Banking
Posizione: Associate
Tipo di lavoro: Full-time
Contenuto del lavoro
Job Purpose:
This position reports directly to Country Head of Technology Risk Management in DBS to ensure that the Line 2 (2nd line of defence) can provide a supplementary viewpoint in the risk assessment when issues arise. By performing as a team of risk management professionals, you will play a crucial role in safeguarding the bank’s reputation, assets, and customer data against potential technological threats and vulnerabilities.
Key Responsibilities:
Risk Assessment and Management:
· Identify, evaluate, and prioritize potential technology-related risks across the bank’s IT environment in accordance to the Group’s technology risk management framework.
· Conduct regular risk assessments to evaluate the effectiveness of existing controls and identify areas for improvement.
· Collaborate with other departments, such as IT, cybersecurity, compliance, and business units, to ensure a coordinated approach to technology risk management.
Technology Policy and Standards:
· Implement governance around key processes, and adequacy of frameworks and policies for technology risk management and ensure these are aligned with industry best practices and regulatory requirements.
· Ensure compliance with relevant laws, regulations, and internal policies relating to technology risk management.
Incident Response and Crisis Management:
· Develop and execute incident response plans to handle technology-related incidents, including cyberattacks, data breaches, system failures, and other IT-related disruptions.
· Lead the response and recovery efforts during crisis situations to minimize the impact on the bank’s operations and customers.
Risk Mitigation and Control Implementation:
· Propose and implement risk mitigation strategies to reduce the bank’s exposure to potential technology risks.
· Monitor the implementation and effectiveness of controls and measures to safeguard the bank’s technology assets and data.
Reporting and Communication:
· Prepare regular risk reports for senior management and the board of directors, highlighting key technology risk issues, trends, and remediation actions.
· Communicate risk-related matters to various stakeholders, including executive management, business units, auditors, and regulatory bodies.
Emerging Technology Risk Analysis:
· Stay up-to-date with the latest technological advancements and industry trends to identify and assess potential risks associated with new technologies.
· Advise on the adoption of emerging technologies with a focus on managing associated risks effectively.
Alert Monitoring and Stress Testing
- Work with Line 1 (first line of defence) to determine the threshold standard to monitor alerts. Challenge the LOBTs on the monitoring and define scenarios for stress-testing. Monitor and ensure all flagged issues are tracked to closure.
- Participate in stress testing for various disaster recovery scenarios on an adhoc or periodic basis, taking a more thoughtful view at a higher level of what should be tested, including (i) observability (figure out what is happening e.g. is system available/working ok) (ii) scenarios for disaster recovery, and (iii) potential thought experiments (what happens in certain scenarios and whether these scenarios have been tested).
Requirement:
· Bachelor’s or Master’s degree in Information Technology, Computer Science, Risk Management, or a related field.
· Significant experience in technology risk management, information security, IT auditing, or a related discipline, preferably within the financial services industry.
· Proven leadership and management experience, with the ability to guide and motivate a team effectively.
· Strong understanding of IT infrastructure, applications, cybersecurity principles, and technology-related regulations and standards. Domain expertise in one or more of these areas preferred.
· Familiarity with industry frameworks and methodologies for technology risk management, such as NIST Cybersecurity Framework, ISO 27001, and COBIT.
· Excellent analytical and problem-solving skills, with a keen eye for detail.
· Exceptional communication and presentation abilities, with the capability to convey complex technical concepts to non-technical stakeholders.
- · Professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are advantageous.
Scadenza: 20-12-2024
Clicca per candidarti per un candidato gratuito
Segnala lavoro
LAVORI SIMILI
-
⏰ 05-12-2024🌏 Xinyi District, Taipei City
-
⏰ 05-12-2024🌏 Hsinchu City
-
⏰ 05-12-2024🌏 New Taipei City
-
⏰ 05-12-2024🌏 Banqiao District, New Taipei City
-
⏰ 05-12-2024🌏 Hsinchu City
-
⏰ 05-12-2024🌏 Hsinchu City
-
⏰ 05-12-2024🌏 Hsinchu City
-
⏰ 05-12-2024🌏 Banqiao District, New Taipei City
-
⏰ 05-12-2024🌏 Nangang District, Taipei City
-
⏰ 05-12-2024🌏 Kaohsiung City