• Competitive
  • Singapore
  • Permanent, Full time
  • OCBC Bank
  • 19 Sep 17

Technology Risk Manager

Technology Risk Manager

  • Collaborate with security architecture and engineers, infrastructure and applications teams and vendors to identify innovative security as well as controls and actively apply these solutions to advance Group O&T security and controls posture in our internal processes and outsourced vendor operation;
  • Review and identify technology risk/ security operations gaps, vulnerabilities, associated risks and mitigation strategies in our internal and outsourced service providers (OSP) environment;
  • Conduct gap analysis of new regulations and Bank's policies to Group O&T's established processes / guidelines to ensure compliance;
  • Facilitate implementation of the Bank Group's and regulators' Technology Risk Management (TRM) related policies, guidelines, methodologies and initiatives for proactive risk management among Group O&T;
  • Provide independent review of O&T Risk & Control Self-Assessment (RCSA) and Technology Risk System Assessment (TRSA) for reporting to O&T management;
  • Develop as well as deploy ad-hoc reviews on line departments /outsourced party and follow up on control issues to ensure the issues are also adequately addressed across function and locations;
  • Provide advisory services to line departments on risk and control implementation initiatives;
  • Design & launch risk awareness programs;
  • Analyse trends, anomalies and behaviours for risk and control management reporting;
  • Coordinate the annual review of the Business Criticality Questionnaire (BCQ) for all applications in the Bank;
  • Maintain the IT Management Process for Group Technology to ensure that documents are reviewed and updated on schedule, remain relevant and current;
  • Group secretariat for technology operational risk reporting process. Coordinate with OCBC subsidiaries and bank's IT departments for collation of key risk indicators and preparation of risk dashboards for management review.


Qualifications
  • 5+ years of relevant experience
  • Strong IT background. CISSP/ CISA will be an added advantage
  • Good organisation skills and able to work independently
  • Familiar with office tools such Excel, PowerPoint, Word
*LI-ML