Assisting CISO in overseeing the planning, execution and management of technology projects related to compliance, control assurance, risk management, security and IT assets protection;
Identify and recommend to the Management on cybersecurity goals and objectives consistent with the Bank's business needs/objectives;
Accountable and responsible for the overall Bank's management of cyber risk;
Aware and take appropriate measures of current and emerging technology risks affecting the industry, which could potentially affect the Bank's risk profile;
Perform an end-to-end risk assessment of the Bank in relation to cyber risk to enforce compliance with the Framework, Policy and other technology-related regulatory requirements;
Provide strategic insights on technology risk and security matters, as well as the Bank's technology security risk profile, to Management/Board Committees to ensure the confidentiality, integrity, and availability of the Bank's information assets from cyber threats at all times;
Review the IT and cyber security strategic plans that must reflect the Bank's risk appetite, business and cyber security strategy for a period of three to five years; and
To provide sufficiently detailed information on key technology risks and critical technology operations to facilitate strategic decision-making. This includes reporting enterprise key risk indicators on the IT and cyber health posture.
Qualifications
A recognised degree in Computer Science or an equivalent technical degree
Be appropriately certified in CISSP or any equivalent certification
At least 5 years of experience in IT Risk Management, information technology and information security
Experience/Skills
At least 2 years of experience in IT Risk Management, information technology and information security in a Financial institution
Fresh graduates with no prior experience are encouraged to apply
Fluent in English in speaking and writing
Ability to communicate effectively
Considerable knowledge and experience of best practices in technology risk.
High degree of personal commitment, interpersonal skills with clear strategic vision and proven communication, and supervisory skills.
Ability to work under pressure and respond to tight deadlines
Competence in the use of standard Microsoft Office Suite applications.
Experience in desktop management, cyber risk/security management policies
In-depth knowledge of industry standard technologies, information and cyber risk/security management
Hands-on experience in Information Technology and risk assessment
Process knowledge of regulatory supervision on technology
