Sumitomo Mitsui Banking Corporation | Assistant Vice President, Regional Technology Risk Manager
Job details
Assistant Vice President, Regional Technology Risk Manager As a member of the Technology Risk Team, you will be collaborating with various stakeholders within SMBC Technology teams, regional branches, Risk Department or Legal/Compliance to manage technology related risks as well as participating in IT Governance, Risk and Compliance (GRC) activities within the region. Job Responsibilities Oversee IT GRC activities within APAC branches such as collating risk reports, supporting branches audits, reviewing Risk acceptance requests. Manage or support regulatory compliance effort within the region, e.g., MAS Cyber Hygiene or RMiT gap analysis, follow up on questionnaires and Circulars etc. Function as a consultant/advisor on risk & control or regulatory matters to technology units, as well as working with them to resolve technology risk issues. Coordinate and facilitate the control self-assessment activities, including conducting independent control testing where necessary or reviewing appropriateness of control descriptions. Offer effective 1LOD challenge to technology units on risk remediation priorities and provide risk opinion, advisories & recommendations to IT management and 2LOD. Support 2LOD in risk governance activities, e.g., establish KRIs and Technology Management Framework as well as monitoring/reporting of KRIs. Maintain and upkeep IT policies and processes owned by the team. Job Requirements Master’s or bachelor’s degree in a technical discipline preferably in Computer Science/Engineering or equivalent. Min. 5 years of working experience with min. 3 years in risk & control or audit function in the financial industry. Ability to identify risks and assess adequacy of controls as well as recommending suitable control enhancements. Good appreciation of cyber risk management strategies/controls in the industry. Excellent communication, presentation, and interpersonal skills and able to manage stakeholders across multiple disciplines. Prior experience in delivering security awareness training within the organization. Strong critical thinker with the vision to work both tactically and strategically. Candidates with CISSP or CISM certification is preferred. Experienced candidate would be considered for a senior role. #J-18808-Ljbffr
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.
