VP/SVP, Specialist Technology Risk Governance and Reporting, Risk Management

VP/SVP, Specialist Technology Risk Governance and Reporting, Risk Management Group-(2500006J)

Business Function

Risk Management Group works closely with our business partners to manage the bank’s risk exposure by balancing its objective to maximise returns against an acceptable risk profile. We partner with origination teams to provide financing, investments and hedging opportunities to our customers. To manage risk effectively and run a successful business, we invest significantly in our people and infrastructure.

Technology is key to enabling the DBS vision of being the leading bank in Asia. We are constantly challenged by ever changing technology landscape, increasing customer sophistication / demands and introduction of new / updated regulatory requirements. We need passionate Technology Risk Managers who play a high impact role as second line function in enhancing the bank’s technology risk and cybersecurity posture. This includes identifying potential technology and cybersecurity risks associated with existing, evolving and new technology systems and business processes, assessing potential impacts and engaging with other technology leaders on the risk treatment options based on enterprise risk appetite. Risks and mitigation plans are reported to senior leadership for review and attention.

The Role

The incumbent is a driven, self-starter, who plays an active role working in a dynamic environment with the Technology risk teams and is expected to have analytical skills to assess information and identify potential risks, be inquisitive on risks and controls issues and be the voice of reason to change risk culture.

The incumbent is responsible for risk and controls governance with ability to identify risk issues and lapses in risk oversight.

Responsibilities

• Analyse and identify emerging trends, hotspots, systemic issues and potential technology risks and controls issues.

• Analyse trends, anomalies and behaviours and work with technology stakeholders to design and implement technical IT risk measure that are relevant to the Lines of Business.

• Use data driven approach and possess extensive experience with reporting tools and relevant programming languages to improve efficiency.

• Responsible for delivering effective risk governance with the ability to raise issues in risk forums.

• Perform thematic second line assurance reviews, including short and targeted focused reviews for areas of topical and key concern.

• Ability to work independently, prepare and write comprehensive reports for senior management on technology risk management activities and risk events for presentation to risk committees.

• Ability to communicate complex technology risk concepts in a clear and concise manner.

Requirements

• University degree or equivalent, with major study in finance, accountancy, business and/or technology

• At least 15 years of working experience in banks or financial institutions, with good understanding of operational risk, technology risk and processes.

• Aptitude and experience in risk and control related roles in governance and second or third lines of defence and familiar with reporting tools

• Strong communication and facilitation skills; able to work with and influence stakeholders at all levels

• An analytical thinker with good risk sense and affinity to using data to solve problems

• Positive attitude to change, constantly looking for better ways to get things done and to challenge status quo

• Self-driven and able to balance creative and pragmatic approaches

• Professional security or risk management certifications is mandatory. The preferred list of qualifications for reference:

  • Certified Information Systems Auditor (CISA)

  • Certified Risk & Information Systems Control (CRISC).

  • Certified Cloud Security Professional (CCSP).

  • CISSP

  • CISM

  • ISO27001 Lead Auditor

Work Relationship

• Support the Head of Unit in discharging the responsibilities of the team.

• Contribute as a member of Team with ability to independently review risk and controls and ensure that TRM standards and guidelines are adhered to.

• Develop relationships with colleagues in the technology organisation.