Tech Risk Governance (Senior Manager)
Job Title: | Tech Risk Governance (Senior Manager) |
Contract Type: | Contract |
Location: | Malaysia |
Industry: | |
Start Date: | ASAP |
Reference: | RS-TechRiskGSM |
Contact Name: | Ross Stubbs |
Contact Email: | ross.stubbs@tanint.com |
Job Published: | July 02, 2020 11:29 |
Job Description
Ross is looking for a Tech Risk Governance Senior Manager to work in Malaysia on a year's contract.
As a senior member of Technology Risk Governance, you will design, implement and execute an effective process to address and support audit and regulatory engagements at Group and BU level.
Responsibilities:
- Working with GIA and BU TR teams, maintain oversight of on-going and upcoming audit/regulatory assessments supported or to be supported by the team.
- For Group level cybersecurity-related audits, represent Group Technology Risk (GTR) and manage all aspects of in-scope matters including planning, fieldwork, discussion/confirmation of findings etc.
- For local BU cybersecurity-related audits, represent Group Technology Risk to support and provide guidance to local BU TR team for GTR managed processes.
- Responsible and accountable for ensuring that all GTR information submitted to auditors or regulators are verified and are factually accurate.
- Working with responsible GTR teams, be responsible and accountable for ensuring that all draft audit or regulatory findings on GTR processes are appropriately validated for factual accuracy before confirmation.
- Working with responsible GTR teams, ensure action plans defined addresses root cause of findings with the aim of avoiding a repeated finding.
Requirements:
- Degree in Computer Science or related discipline
- 10+ years’ experience in IT audit, preferably internal and within insurance business.
- Excellent written and verbal communication skills and ability to escalate timely to management.
- Strong knowledge of Technology Risk Standards and Industry Standards frameworks such as ISO 27001 and NIST.
- Strong knowledge of regulatory requirements as related to Information Security and Technology Risk
- Familiarity with information security controls and technical knowledge in areas such as Infrastructure security, Application Security, Cyber Security, Identity and Access Management
- Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) preferable.
- Staff management experience required.
- Occasional travel is required.
Communication requirements:
- Excellent command of written and spoken English
- Can present at C level committees
- Cantonese/Mandarin are desirable.
PLEASE NOTE - Due to current conditions, the client is only looking to hire Malaysian nationals.
Get similar jobs like these by email
By submitting your details you agree to our T&C's