Information Security Officer - bank -11k

About the role

This position is part of the Technology Risk Management team (IT Second Line of Defence), responsible for security governance, policies, technology risk monitoring, risk reporting, risk assessment and related technology risk functions. He/she will need to work closely with IT, e.g. collecting of key risk indicators, review IT procedures (ensure compliance) and etc.

Key Responsibilities

• Familiar with MAS Security regulatory requirements and Bank's policies and IT security best practices
• Part of the Technology Risk Mgmt team to maintain a strong governance and technology risk management process
• Responsible for crafting technology related policies and perform annual review to compliance to regulatory requirements
• Perform gap assessment against regulatory technology risk and cybersecurity requirements, monitor for changes or updates to the respective regulatory requirements, suggest recommendations, continuous improvement to the technology risk and cybersecurity framework when necessary
• Responsible for Technology Key Risk Indicator Reporting and Monitoring, work closely with relevant stakeholder to collect data for regular reporting and monitoring
• Responsible for Risk Register monitoring and necessarily follow up of treatment plan
• Provide security advisories when necessary
• Review assessment report, provide comment and independent view when necessary
• Stay up-to-date with current trends and regulations within the scope of Security, understand the latest threats, technologies and mitigation and provide necessary input to HO and local mgmt.

Skills and experience required

· Bachelor's degree in Computer Science or equivalent

· Minimum 7 years experience within information security with at least 2 years in Technology Risk Management

· Good knowledge of the cyber threat landscape, cyber security technologies, including cloud security principles, practices and solutions.

· Experience on security assessment, improvement and solution finding

· Understanding of cloud platforms (e.g. AWS, Azure) and associated security controls

· Ability to develop security policy, standards and guidelines on best practices and industry standard

· Strong resilience personality, strong analytical and problem-solving skills, with the ability to think creatively and strategically to identify and mitigate potential cyber security risks

To apply online please use the apply function, alternatively you may contact Chloe Chen at chloe.chen(@)randstad.com.sg. (EA: 94C3609 /R1768253)