Risk Analyst, Technology Risk

ROLE PURPOSE:

• Support risk quantification analysis to promote the development of sound technology risk management in the financial industry financial stability and public confidence.

PRINCIPAL ACCOUNTABILITIES:

• Support the development of risk quantification infrastructure via data collection, benchmarking and evaluation.
• Assist in performing thematic review or relevant studies on the adequacy of risk quantification models and methodologies adopted by financial industry to promote best practices to the industry.
• Support activities to promote the use of big data and artificial intelligence in technology supervision.
• Perform horizontal surveillance to identify and escalate emerging risks across financial industry.
• Provide tactical and strategic recommendation to prevent build-up and propagation of excessive risk in the financial system.
• Provide assessment on complex technical areas to support supervisory assessment and policy development.
• Apply continuous improvement in own area of work in line with regulatory requirements and global best practices.
• Prepare written reports, presentation material and public communique where required. Communicate risk assessment results to the stakeholders and execute action plan under the direction of Associate Risk Specialist.
• Maintain regular information exchange with stakeholders and coordinate industry working group meetings to advocate adoption of best practices.
• Capability building to strengthen IT risk management:
• Pay-it-forward: mentor newcomers.
• Show-the-way: Prepare materials and conduct training to supervisors and FIs for new policies implementation.
• Undertake other ad-hoc assignments, when assigned.

CRITICAL SUCCESS FACTORS:

• Grit, agile, critical thinking.
• Attention to detail and able to meet deadlines.
• Rigorous research, deep data analysis, and effective use of surveillance tools.
• Ability to see the big picture and understand various dynamics at play.
• Ability to work as individual contributors as well as team lead where required.
• Sense of urgency.
• Knowledge of legal and regulatory requirements relating to technology risks.
• Effective internal and external stakeholders engagements and collaborations.
• Ability to convey complex ideas in simple terms.
• Ability to articulate IT risk in business terms.
• Effective team player as well as strong individual contributor.
• Comfortable with calculated risk taking and willing to push the boundary.

REQUIREMENTS:

• Academic: Min. Bachelor Degree in Computer Science/ Data Science or any other relevant degree.
• Experience: Min 3 years in IT/Cyber/Operational Risk Quantification analysis, Financial/Risk application programming, technology risk management, IT architecture governance and implementation, and/or data analytics.
• Professional certifications related to risk quantification analysis, information systems security, auditing, control, assurance and risk management, e.g. ISACA CISA/ CISSP/ CRISC/ CGEIT/ CDPSE, ISO27001, CEH, CQRM, OpenGroup FAIR, ITIL, TOGAF, CCSM/CCSK, is desirable.