Technology is key to enabling the DBS vision of being the leading bank in Asia
To meet the challenges arising from the ever evolving technological advancements and increasing sophistication and demands of customers, there is a need for deft Technology Risk Managers to ensure robust risk governance
As a member of the Level1 Technology Risk Management team, you will be responsible for driving IT risk management initiatives including risk governance, regulatory inspections, internal & external audits and thematic reviews across the functions
Job Duties & Responsibilities
Audit
Accountable for managing internal, external and regulatory reviews/audits from audit planning, fieldwork (such as request for information (RFI), issue discussion, etc.), to reporting and closing meeting.
Assess regulatory changes (such as MAS, HKMA, CBIRC, OJK, RBI and FSC) impacting the technology platforms & drive risk mitigation programs with stakeholders.
Review risk findings with stakeholders to determine management actions and responsible for monitoring and validating the closure of management actions
Present risk observations and management actions at departmental meetings
Risk Control
Engage and collaborate with technology stakeholders to proactively identify risks at a detailed technical level and determine remediation plans
Drive remediation activities to ensure that risks identified are properly and effectively mitigated to continuously improve IT risk posture
Manage the department's risk and security related process improvements and quality programs (e.g. RCSA) by participating in research/advisory services, including capturing of relevant metrics and analysis
Perform data analysis or procedure reviews to ensure compliance to bank security standards; Provide technical expertise/consultation for process improvement and quality assurance
Provide timely and periodic update to management on risk and security matters
Communicate and provide guidance of new risk policies and standards
Required Experience
Demonstrated experience in Identifying, assessing and advising on technology risks
Excellent organizational, problem solving, interpersonal and operating skills to effectively drive the IT Risk agenda with IT functions
Strong communication skills at all levels -- able to effectively communicate with IT and senior management, as well as line staff to drive IT risk mitigation initiatives and other IT risk management related areas
Experience to driving IT risk management in digital age a plus
Knowledge of Information Security, System Resiliency & Availability & Software development practices and frameworks and regulatory requirements preferred
Good technical competencies and exposure to IT application or infrastructure development, support and management
Demonstrated experience of leveraging data and analytics to get stakeholder buy-in is a plus
Professional Certification preferred CISA/CISM/CISSP/CRISC/CBCP
Other Requirements
Degree in Computer Science, Engineering, Information Technology or related discipline from a recognized University with minimum 5 years of working experience in the Financial / Banking IT industry
CISA/CISM certified professional will be preferred
Hands-on experience in IT audit, operational risk management and control self-assessment
Familiar with Applications Delivery Life Cycle, Project Management best practices and IT Controls across different operating system and platforms with hands on experience on Public Cloud controls is an added advantage
Good knowledge of application user access and access matrices will be preferred
Good understanding of security issues, operational risks and process improvement in the areas of technology and business
Knowledge of the Banking Act Banking Secrecy, Bank's policy and guidelines, Information Security Policy, Anti-Money Laundering, Cyber Security Act, MAS Technology Risk Management Guidelines, MAS Outsourcing Guidelines etc
Have a strong control and process management mindset, constantly paying attention to details and have ability to perform deep-dive investigation and crunching for control and process issues
Proactive team player with ability to work independently with minimal supervision and equips with excellent communication (both spoken and written), presentation and business writing skills
Able to collaborate within a team, at various levels of stakeholders from the operating level to the senior management across locations
Flexibility and ability to multi-task and take on different types of roles and activities at the same time in a fast-paced environment. Able to effectively manage time and prioritize tasks and responsibilities
Positive attitude and willing to take new challenges with an open-mind
Creative, quick & systemic thinking with strong analytical and planning skill
Self-organized, self-motivated and quicker learner
