Our client a leading Financial Institution is looking for an experienced Head of Asia, Information Risk Management Lead
– Accountable for Infrastructure Security and Information System Risk Management Management across Asia, including the following domain: (Infrastructure Security, IS Privacy and Compliance, Business Continuity and Disaster Recovery, and Regulatory and Law)
– Manage Infrastructure Risk Management Team and Resources across Asia with clear IRM policies, standards and procedures.
– Design, Plan and execute Infrastructure Security and Risk Management Framework by collaborating with regional and global risk counterparts, technology groups and other relevant groups (such as Compliance, Operational Risk, Audit, etc.)
– Work with technology teams to identify & enhance risk controls.Supporting the implementation and maintenance of T&D policies and standard. Enforcing compliance with Firm-standard technology risk posture
– Establishing risk management organization with skills, domain professional expertise, people management, leadership postures with forward thinking culture to deliver service excellence in Infrastructure risk management.
– Strong understanding of financial industry businesses and Technology Risk regulations
– Proven IT Risk Management and Infrastructure Security experience
– Excellent influencing and negotiation skills
– Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization; Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience
– Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented
– A proven track record in global and cross team projects. Strong project management skills
– 10+ years of relevant Technology Risk, IT Security and Information Security experience. Working experience of risk assessment methodologies, internal controls and industry technology risk management frameworks such as CobiT and ISO2700x frameworks.
– Strong analytical skills required to enable independent research and accurate assessments of risk management process effectiveness and adherence to regulatory requirements.
– ISACA CISA or equivalent industry certification
– Other industry certifications such as CISM, CRISC, CISSP
– Chinese or other Asian language skills desired
– IT audit experience
– Technical experience