We have an excellent career opportunity to expand your technical expertise in Information Technology Risk and Security domain with an established company within the Financial Sector.
- Degree in Computer Science, Information Technology or Information Systems;
- At least 5 years of experience in Information Technology (IT) Risk Management platform;
- Strong knowledge in one or more of the following technology risk areas : applications security or system security, operating systems, networking, mobile devices, cloud technologies such as IAAS, SAAS enviornments;
- Proficient in IT risk related industry standards such as ISO 27001, NIST, OWASP, Cloud Security;
- Exposure to Information Technology Risk Management assessment, processes, framework, policies and standards;
- Excellent communication, presentation, and advisory skills;
- Ability to work independently, manage stress and multi-task in a fast-paced environment;
- Proactive, motivated and independent.
- IT security certifications, such as CISSP, CGEIT, CRISC, CISM, CISA, CEH.
- To plan, implement and review the IT Governance, Risk, Compliance program, ensuring compliance within the organisation;
- Contribute to the formulation and implementation of company wide IT governance standards and procedures in compliance with regulatory requirements;
- Design and implement IT risk assessment checklists and operational IT Risk Controls;
- Establish the IT Risk Management process and conduct RCSA in accordance with MAS Technology Risk Management (MAS TRM) guidelines;
- Continuously identify GRC Key risk indicators (KRI) and maintain IT Risk Register;
- Collaborate with stakeholders for risk management, mitigation and remediation measures;
- Liaise with internal and external parties for IT GRC related audits and facilitate timely remediation of issues;
- To be updated with technology related legislation and regulation that affect the Technology Risk management;
- Keep abreast of the dynamic cyber threat landscape and identify opportunities for enhancement of IT risk processes;
- Work with key stakeholders in building a strong company wide risk-aware culture;
- Ensure all processes and policies are in line with organization\\’s risk management processes, regulatory requirements and standards.