IT Security, Risk & Compliance Manager

Bank of China (Singapore)
in Singapore, Singapore, Singapore
Permanent, Full time
Last application, 14 Jun 19
Commensurate with experience
Reporting to the Team Head, you will be part of a team of 2 to 3 focused on planning, implementing and managing IT security, risk and compliance for the Bank. Ideally, you bring a minimum of 5 years of relevant working experience and a professional certification such as CISA/CISM/CISSP/CRISC. You have a good understanding of banking technology and related regulations.

Responsibilities:

  • Manage regulatory relationships, communicate and coordinate with the regulator (i.e. MAS) for IT related regulatory reporting, onsite inspection and regulatory enquiries etc.
  • Assess regulatory (i.e. MAS) changes impacting technology and drive related risk mitigation programs with technology stakeholders
  • Review any new compliance requirements from Head Office
  • Coordinate IT related internal and external audits, and follow up periodically to ensure that all audit findings are remediated within the timelines.
  • Develop and review policy and procedures for IT risk and compliance management
  • Conduct IT risk assessment
  • Conduct IT risk & compliance training for IT staff
  • Conduct IT security awareness training for all bank staff and review the training materials
  • Review IT related due diligence checks for outsourcing service providers
  • Review and implement Data Loss Prevention controls
  • Review security event logs and privileged user activities
  • Perform other duties as assigned by the superiors

Requirements:

  • Minimum 5 years of working experience in similar responsibilities
  • Good understanding of banking technology and regulatory requirements such as MAS Technology Risk Management Guidelines, Outsourcing Guidelines and Notice 644 etc.
  • Strong communication skills at all levels – able to effectively communicate with the regulator (i.e. MAS), IT management as well as line staff to drive IT risk management matters
  • Knowledge of Cyber Security, System Resiliency & Availability and Software Development practices and frameworks preferred
  • Excellent organizational, problem solving, interpersonal and analytical skills
  • Possess a Bachelor's degree or higher in Information Technology, Computer Engineering, Computer Science or other related fields.
  • Professional Certification preferred – CISA/CISM/CISSP/CRISC

 

 
