A leading organization in the Financial Services sector is seeking a dynamic person with leadership capabilities to be a part of their Technology and Cyber risk management team.
- Degree in Information Systems, Computer Science or Information Technology;
- At least 4 years of work experience in IT Security and Technology Risk Management;
- Good knowledge of enterprise IT components – OS, databases, network devices, applications;
- Working knowledge in cyber security processes and techniques related to application, OS, networking , mobile devices or cloud platforms;
- Familiar with international standards and best practices like ISO 27001 and OWASP;
- Experience in the RCSA (Risk Control Self Assessment) process of IT risk management;
- Good leadership skills with analytical thinking and attention to detail;
- Excellent communication and inter personal skills.
- Certification like CISSP, CISA, CRISC or CISM.
- Identify and assess information security vulnerabilities and risks in the IT environment as part of the Technology and Cyber risk team;
- Determine the required Technology Risk remediation controls and processes in collaboration with the business units;
- Ensure the management of identified risks in accordance with the Risk Management Program;
- Review and oversee security processes and controls related to Systems, Database, Application and Networks;
- Identify opportunities to improve the operational effectiveness of the risk processes in relevance to the Technology Risk Management (TRM) guidelines and notices on CyberHygeine from MAS;
- Evaluate risks and identify improvements from people, process and technology perspective;
- Perform due diligence on IT outsourced vendors and assess its residual risk;
- Ensure the tracking , documentation and the adherence to standards of risk management measures.