Senior Analyst, IT Risk

Client:

Our client is one of the largest Financial Services companies in Asia.

Job Summary:

This role is critical in ensuring the bank's compliance with regulatory requirements and maintaining a robust cybersecurity posture. The incumbent will be responsible for managing the bank's IT Risk Framework, conducting risk assessments, overseeing security controls, and providing cybersecurity training. Strong communication and collaboration skills are essential to effectively work with internal and external stakeholders.

Key Responsibilities:

1. Manage IT Risk Framework:
   Maintain and update the IT Risk Register.
   Coordinate and facilitate the Technology Committee meetings.
   Conduct critical system assessments and due diligence for IT outsourcing partners.
2. Cybersecurity Management:
   Collaborate with Japan HO IT Risk Management Div. and the Cyber Security Team on system risk assessments and cybersecurity exercises.
   Develop and deliver comprehensive cybersecurity training programs for all employees, including general security awareness training and incident response tabletop exercises for senior management.
3. IT Policy & Procedures:
   Manage and maintain all relevant IT policies and procedures.
4. Third-Party Risk Management:
   Serve as the primary point of contact for IT auditors.
   Implement appropriate mitigation and remediation plans for identified risks.
5. Security Controls:
   Collaborate with IT Infrastructure and Development teams to enhance security controls, including patch management, vulnerability management, access control, and role-based segregation of duties.
6. Vendor Management:
   Review and manage the renewal of IT vendor contracts in accordance with MAS Outsourcing Guidelines.

Requirements:

1. Education: Minimum Degree in Computer Science or related field.
2. Experience:
   Minimum 1-3 years of experience in IT Risk and Cybersecurity.
   Experience in the banking sector or a similarly regulated industry is highly preferred.
   Experience with MAS technology regulations is a strong advantage.
3. Certifications: ISO/IEC 27001, CISSP, or CISM certifications are a significant plus.
4. Technical Skills: In-depth knowledge of network infrastructure, PCs/devices, multiple cloud services, and platform operating systems.
5. Other Skills:
   Strong analytical and problem-solving skills with a proactive approach.
   Excellent communication, interpersonal, and presentation skills.
   Ability to work independently and collaboratively within a fast-paced environment.
   Strong attention to detail and organizational skills.

Benefits:

1. Competitive salary and benefits package.
2. Opportunity to work in a challenging and dynamic environment.
3. Opportunities for professional development and growth.

Working Location: Central

Syahirah Binte Ahmad Ja'afar (R22105331)

JAC Recruitment Pte. Ltd. (90C3026)