Job Description

One of the global banks is expanding its presence in APAC.
As a part of expansion, client is looking to hire Regional Technology Risk & Control, who will play a key role in expansion.

Responsibilities

• The Regional Technology Risk & Controls, Asia Oceania role is to ensure that the Bank is in full compliance with the relevant technology policies, standards, and regulatory requirements. Reporting to the Regional Head, Governance & Controls, Asia & Oceania, this role is to manage technology risks and cybersecurity effectively and to ensure that consistent risk management framework and practices are applied across the region.
• Assist the Regional Head, Governance & Controls, Asia & Oceania to deliver strategic technology risk and cybersecurity transformation activities.
• Effective management of all technology risk and cybersecurity framework including technology policies and standards based on the Bank\'s risk appetite.
• Timely update on all material technology risk and cybersecurity topics including a set of risk indicators to the relevant risk committees and forums.
• Ensure that all forms of requests are responded in time including audit, local regulatory, compliance, DR, BCP technology components, and security needs.
• Ensure that risks identified are addressed within an appropriate timeframe.
• Ensure that all necessary legal and regulatory controls (e.g., HKMA SPMs and MAS TRMG) are in place from initial migration through service provisioning
• Act as the single point of contact in responding to enquiries around technology risk and cybersecurity from senior management and regulatory including internal and external audits.
• Responsible for evaluating and reporting of regular risk assessment activities covering compliance status and incident

metrics

• Analyze root cause of major incidents together with other IT teams to avoid the same incidents being occurred.
• Lead the Bank\'s technology risk and cybersecurity acceptance process whenever necessary and follow-up risk mitigation / prevention plans
• Coordinate with other IT teams to address control weaknesses, including design and implement new controls to address known issues
• Conduct trainings to improve awareness of the Bank\'s control requirements and industry good practices

cybers

Skills

Must have

• Minimum of 10 years\' experience in technology risk, cybersecurity, or IT audit.
• Professional certifications such as CISA, CISM, CISSP, CRISC, CGEIT, and CDPSE.
• Solid understanding of regulatory requirements (e.g., HKMA SPMs and MAS TRMG) and industry standards (e.g., COBIT).
• Experience in designing and implementing new controls to mitigate identified risks
• Excellent communication and interpersonal skills including presentations and writing risk papers, with the ability to collaborate effectively with stakeholders at all levels.
• Analytical mindset and problem-solving abilities
• Ability to work in a fast moving high pressure environment and balancing multiple work streams.

Nice to have

• Experience in financial services or regulated environments is preferred
• Previous experience in cloud security is an advantage

Languages

English: C2 Proficient

Seniority

Senior

Relocation package

If needed, we can help you with relocation process. .

Vacancy Specialization

Engineering Program Management

Ref Number

VR-98589

Luxoft