Vice President, Third Party Information Security Risk Manager

Singapore, Singapore

Job Description


Vice President, Third Party Information Security Risk Manager

Posting Date: 12 Oct 2023

Location:
Singapore (City Area), Singapore, Singapore, 048624

Company: United Overseas Bank Ltd

About UOB

United Overseas Bank Limited (UOB) is a leading bank in Asia with a global network of more than 500 branches and offices in 19 countries and territories in Asia Pacific, Europe and North America. In Asia, we operate through our head office in Singapore and banking subsidiaries in China, Indonesia, Malaysia and Thailand, as well as branches and offices. Our history spans more than 80 years. Over this time, we have been guided by our values - Honorable, Enterprising, United and Committed. This means we always strive to do what is right, build for the future, work as one team and pursue long-term success. It is how we work, consistently, be it towards the company, our colleagues or our customers.

About the Department

Group Technology and Operations (GTO) provides software and system development, information technology support services and banking operations.

We have centralized and standardized the technology components into Singapore, creating a global footprint which can be utilized for supporting our regional subsidiaries and the branches around the world. We operate and support 19 countries with this architecture to provide a secure and flexible banking infrastructure.

Our Operations divisions provide transactional customer services for our businesses while also focusing on cost efficiency through process improvements, automation and straight through processing.

Job Responsibilities

Third Party Information Security Risk Manager involved in performing IT Security Risk Assessment, Information Security Due diligence on Third Party and supporting the businesses as the subject matter expert on all IT Security matters, to ensure risks are highlighted for business evaluation and decision making on a timely manner.
.

  • Plan and conduct IT security risk assessment on bank\'s systems throughout the lifecycle covering different layers of technology architecture to identify possible security risks, advise and evaluate the mitigation controls and measure the residual risk.
  • Manage third party IS due diligence on bank\'s service suppliers, including on-site assessments when required.
  • Lead onsite / virtual assessments for third party IS Due Diligence, managing technology and cybersecurity controls expertise
  • Identify and document control breaks and vulnerabilities within third parties\' IT environments and work with Line of Businesses to resolve through action plans, or assist with risk assessments
  • Lead the targeted workstreams and support ad-hoc assignments as requested
  • Collaborate closely with technology and business stakeholders to ensure security risks are identified, communicated, understood therefore an informed decision on risk can be made
  • As the HQ function, guide and support IS teams of subsidiaries to ensure oversight and consistency on IT security risk and Third Party IS due diligence management
  • Support the Third Party risk committees to ensure robust Third Party IT Security risk governance
  • Develop, maintain, and enhance the IS Due Diligence checklists, processes and operating procedures
  • Continuously focus, strategise and implement process improvements e.g. automation, workflow design and digitization for an effective and efficient Third Party IT Security Posture.
  • Provide reporting and tracking of work deliverables.
  • Keep up-to-date awareness of security trends covering both new threats and technologies in order to understand the evolving risk and better safeguard the organization.
Job Requirements
  • Bachelor\'s degree in Computer science, Information Technology, or a related field is required.
  • At least 8 years of experience in Information Security and risk related work preferable in large organization especially banking environment.
  • Experience and good understanding of one or more technology areas, including Data Security, Infrastructure Security, Endpoint/Platform Security, Identity Management, Application/Mobile Application Security, Cloud Security
  • Strong understanding of the Banking industry IS policy and standards, regulatory and industry trends, good practices in providing practical and appropriate recommendation, resolution and remediation options to the businesses.
  • Strong relationship building, stakeholder management, communication, presentation and influencing skills with both technical and non-technical staff
  • Strong written and verbal presentation skills at senior management level, with experience in managing senior business stakeholders, debating issues with senior management levels across businesses
  • Demonstrate the strong motivation and capabilities to drive initiatives and changes
  • Proactive and strong team leader and player with minimal supervision
  • Excellent analytical and problem-solving skills. Ability to simplify complex issues such as risk matters, workflows and business processes, and develops effective solutions.
  • Experience in industry standards and requirements such as ISO 27001, MAS TRM, NIST, CCM
  • Industry certifications issued by organizations such as ISC2, ISACA, SANS, Microsoft, CISCO, AWS, etc.
Be a part of UOB Family

UOB is an equal opportunity employer. UOB does not discriminate on the basis of a candidate\'s age, race, gender, color, religion, sexual orientation, physical or mental disability, or other non-merit factors. All employment decisions at UOB are based on business needs, job requirements and qualifications. If you require any assistance or accommodations to be made for the recruitment process, please inform us when you submit your online application.

Apply now and make a difference

eFinancialCareers

Beware of fraud agents! do not pay money to get a job

MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD1381204
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    Singapore, Singapore
  • Education
    Not mentioned