An organization is searching for an
Information Technology Risk Management Professional. The institution is a key player in the finance sector, and is dedicated to fostering a secure and technologically advanced environment for its clients. they are seeking a dynamic professional to join their existing team in Singapore.
This role involves collaborating with internal and external teams to assess risks, implement effective security measures, and ensure the overall robustness of the technology landscape.
Key Responsibilities:
- Conduct comprehensive risk assessments for the firm's IT systems, applications, and processes.
- Develop, implement, and enforce risk management policies, procedures, and controls to mitigate potential threats.
- Collaborate with cross-functional teams to identify and address emerging risks associated with technological advancements.
- Monitor and analyze security incidents, providing timely response and remediation strategies.
- Stay abreast of industry trends, emerging threats, and best practices to enhance the firm's risk management capabilities.
- Communicate effectively with stakeholders, including IT teams, senior management, and regulatory bodies.
Qualifications:
- Bachelor's degree in Information Technology, Computer Science, or a related field.
- Minimum of 5 years of experience in information technology risk management, with a preference for candidates with financial services industry experience.
- Strong understanding of information security frameworks, risk assessment methodologies, and regulatory requirements.
- Familiar with related regulations such as Technology Risk Management Guideline, CCoP2 Risk Management Practices, Guideline on Business Continuity Management, Guideline on Outsourcing and other relevant notices and guidelines
- Familiarity with industry frameworks and methodologies for technology risk management, such as NIST Cybersecurity Framework, ITIL, ISO 27001, and COBIT. Professional certifications such as CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are advantageous.
- Experience with risk assessment tools and technologies.
- Excellent communication skills, both written and verbal.
#JPKR
#JPKR
