Business Function
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.
Unit Description
The Risk Governance function supports the technology infrastructure and public cloud functions in DBS Group to ensure that IT risks and control deficiencies are identified, and suitable remediation is implemented as appropriate. The individual will be responsible for assessing the risk and compliance state of key controls for infrastructure systems and public cloud, and serve as an in-unit control function.
This is a unit within the Group Infrastructure and Cloud (GIC), that oversees and manages the Group's technology infrastructure across multiple locations and Public Cloud platforms.
Role Summary
Cross-discipline exposure to open source, virtualization/cloud, automated processes, platform, storage, network, desktops, servers, security, DevOps, etc., are essential for this position. The incumbent is a driven, self-starter, who plays an active role working in a dynamic environment with the infra teams to embed controls in their processes and operations.
Additionally, the incumbent need to have analytical skills in order to assess information and identify potential risks. They also possess problem-solving skills to be able to determine how to reduce those risks. Incumbent should be inquisitive on risks and controls issues and rationalize their mitigation.
Communication skills are important, because they must develop clear protocols, inform management about potential risk issues and relay information as well as impact about policy changes effectively.
Responsibilities
- Evolve the way IT control environment (Application, Infrastructure, Cybersecurity and Public Cloud) are assessed, monitored and mitigated
- Ability to use analytical thinking and automation (scripting) to solve security, risk and control issues
- Identify, through automated means, IT operations gaps, vulnerabilities, associated risks and mitigation strategies in our internal and outsourced service providers (OSP) environment
- Demonstrate good understanding of the security, risks and controls of cross-discipline technology environment in a financial institution
- Understand the operating environment and design security, risk and control metrics. Analyse trends, anomalies and behaviours for risk and control reporting
- Execute and complete all technology risk and control assessments, as well as engaging IT security, application and infrastructure teams; with the objectives of identifying risks, information security, controls and operational lapses
- Collaborate with various Technology teams in the maintenance of effective internal Technology risk controls
- Perform change request reviews to identify risks prior to production deployment
Requirements
- Minimum 7 years of relevant experience for AVP and 10 years of relevant experience for VP with good understanding of technology platform and solutions
- Familiar with technical security solutions surrounding various technologies such as but not limited to: IDS, IPS, firewall management, anti-virus, content filtering, secure email solutions, network sniffing, log management & analysis, forensics, VPN, load balancing, routing, switching and network management
- Experienced IS or risk professional with experience and exposure to Agile, DevOps, SRE and cloud technologies (preferred)
- Prior experience in either banking, IT risk management, security-related or IT audit (preferred)
- Good interpersonal and communication skills - spoken and written
- Good planning and other project management skills, including strong organisation skills
- Must be solutions oriented; ability to work with all levels of management and staff
- Self-driven, passionate about hands-on learning on emerging technologies and its risks
- Self-starter, performance-oriented individuals
- Passionate about driving change through innovation
- Experience in outsourced vendor management
- Professional Certification preferred - CISA/CISM/CRISC
Apply Now
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.
Primary Location
Singapore-DBS Asia Hub
Job
Technology
Schedule
Regular
Job Type
Full-time
Job Posting
Sep 23, 2024, 9:43:00 PM
