Our client, a global top-tier financial institution, is looking for an experienced Tech Risk and Audit Manager to join their regional risk team. The successful candidate will be interact with senior stakeholders, global risk team, technology team and business on related risk management.

Responsibilities:
– Provide a broad view of Information Security and Risk including vendor and contract risk assesstments, application security programme, manage key risk and remediation station using control systems etc.
– Coordinate internal audits, external audits, and regulators. Ensure the Information Risk Management is well adopted in the key technology process and SDLC.
– Work closely with the senior management through tracking and reporting function, to ensure a timely response to executives, board and regulators.
– Develop and govern Application Security programme in Asia, assist on define application security strategy, assessment methodology and framework.

Required Skills/Experience:
– At least 6 years experience in IT Risk and Audit area, ideally with exposure to banking / financial services industry.
– Experience with IT Risk Control or Audit. across COBIT, SOX, SOC etc.
– Understanding of regulatory experiences like HKMA or MAS is highly preferable.
– Regional exposure working with regional / global team.
– Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization.
– Strong analytical skills required to enable independent research and accurate assessments of risk management process effectiveness and adherence to regulatory requirements.
– CISA, CISM, CISSP or equivalent industry certification is preferred.