We're on a mission to make financial services accessible and effortless for SMEs. As one of Singapore's latest digital wholesale banks fully regulated by MAS, we're committed to continuous innovation to bring about simpler, safer and more rewarding financial services. #bringingaboutwhatsnext
We are looking for a Tech and Cyber Risk Manager to join our team.
Responsibilities:
- Define, update and manage bank-wide tech, cyber, data management policies in coordination with different tech and business functions
- Ensure policies are consistently applied across the bank and monitor adherence to the defined policies
- Perform risk identification and assessments in the tech, cyber and data governance space
- Manage the bank's tech and cyber risk management programs
- Manage tech and cyber risk due diligence on the bank's their parties including service suppliers, partners as required
- Work with tech and business functions to ensure compliance with policies and regulatory requirements
- Perform risk monitoring including continuous assessments to monitor the tech and cyber risk compliance such as RCSA, KRI
- Initiate and implement continuous enhancements of risk monitoring process
- Monitor new regulatory requirements, conduct gap analyses against new regulations and guidelines
- Monitor risk landscapes and emerging threats to the bank, understand the evolving risks and also new technologies in managing such risks
Requirements:
- BS/MS in Computer Science / Computer Engineering / Cybersecurity with 7 years and above relevant experience in cyber security or information technology risk management
- Strong understanding of banking industry best practices, policies and standards in the area of tech & cyber risk management, data governance
- Strong understanding of regulatory requirements from MAS and other financial regulators in the region
- Practical experience performing tech and cyber risk assessments, compliance assessments and audit
- Practical experience managing internal, external audits and regulatory engagements
- Practical experience working as the owner of tech and cyber risk programs
- Preferably with either CISA, CISM, CRISC, CISSP certifications
