Our client, a leading investment bank, is looking for a strong information risk management manager for their growing team. The selected candidate will be the key person driving IS Risk Management regulatory and compliance management. Great exposure and opportunity.
– Provide Information System Risk Management and Compliance consultancy across Asia, covering the following domains: Information Security, IS Privacy and Compliance, Business Continuity and Disaster Recovery, and Regulatory and Law
– Design, plan and execute the IT Risk Management Framework by collaborating with technology groups and other relevant groups (such as Compliance, Operational Risk, Audit, etc.)
– Work with technology teams to identify and enhance risk controls. Support the implementation and maintenance of T&D policies and standards. Enforce compliance with the Firm-standard technology risk posture
– Perform risk and control assessments on IT processes
– Work closely with management to explain potential risks, along with proposed mitigating controls
– Strong understanding of financial industry businesses and Technology Risk regulations
– Previous IT Risk Management Experience
– Excellent influencing and negotiation skills
– Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization; ability to draft high-quality written products that are comprehensive, accurate, and tailored to the audience
– Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail-oriented
– A proven track record in global and cross-team projects. Strong project management skills
– 7+ years of relevant Technology Risk, IT Security and Information Security experience. Working experience with risk assessment methodologies, internal controls and industry technology risk management frameworks such as CobiT and ISO2700x.
– Strong analytical skills required to enable independent research and accurate assessments of risk management process effectiveness and adherence to regulatory requirements
– Familiarity with regulatory requirements from HKMA/SFC/MAS
– CISA, CISM, CISSP, DRII/BCI or equivalent industry certification