Technology Risk Specialist SG

#LI-DA1

Key Responsibilities 

Business and System Resilience 

1. Foster agility and growth mindset to implement robust TRM strategies, framework and policies to manage technology and cybers risks of CIMB Singapore to be better prepared to mitigate and manage these risks in the face of evolving system/information security and cyber threat.​
2. Work closely with CIMB Singapore and Group IT stakeholders and other NFRM specialists in supporting business and operational resilience strategies, roadmap and business continuity plan to strengthen the Bank's technology risk resilience, address potential vulnerabilities and ensure continuity of business operation with better responsiveness and recovery from technology-related incidents.​
3. Facilitate the continuous improvement initiatives to ensure technology risks and cyber threat are identified with corresponding operational risks controls and framework, and mitigating actions.​
4. Work in collaboration with IT to implement the Cyber Defence Program to focus on protection against cyber threats by leveraging threat intelligence, building up the Bank's cyber response readiness and modernizing the Bank's cyber surveillance technology.​
5. Work in collaboration with other NFRM specialists on the validation of various control environment testing results and deep-dive review and control of the key risk indicators related to technology risk. Perform sample checks on the effectiveness of BUs/BEs' technology risk controls for assessment of risk rating.​
6. Facilitate the analysis, reporting and escalation to risk committees / working groups / forums / steering committees related to change process management or projects specifically addressing matters related to Technology Risk and Cyber Security. ​
7. Report and escalate to risk committees on Technology risk exposure and mitigation activities or any other high or critical issues requiring attention and remediation.​
8. Provide secretariat function and support for SG Technology Risk Committee and / or other SG risk committees.​

People Management – Customer and Employee Engagement & Development

Customer:

1. Foster collaboration with CIMB Singapore BUs/BEs, and other relevant cross-functional stakeholders within Risk.​
2. Build and maintain strong relationships and rapport with various business units, business support function units and other areas of risk management within CIMB Singapore.​
3. Promote and foster a collaborative and high-performance risk culture for sustainable growth.

Employee Engagement & Development:

1. Provide guidance and / or support to team members, ensuring alignment with the Bank's strategic objectives and Group Risk priorities.​
2. Embrace CIMB EPICC culture and values.​

Regulatory Compliance

1. Provide support to Singapore Risk in addressing MAS requirements and audit request, ensuring the Branch's risk framework and practices are in compliance with the applicable banking laws, regulations, internal policies and procedures.​
2. Stay abreast of industry trends, regulatory developments and best practices in technology risk management to continuously enhance the bank's risk management capabilities.

Job Requirements

• Undergraduate degree in Computer Science, Information Technology or Engineering
• Preference for  Information Security and Risk certification. Such as CISA, CRISC, CISSP and CISM.
• At least 5-10 years of working experience with sound knowledge and experience of cybersecurity and information security risk management, preferably within the Financial Services sector.​
• Strong knowledge of operational risk frameworks and understanding of industry best practices including the specialized subject matter. Knowledge of relevant regulatory technology risk management guidelines / requirements (e.g. MAS FSM-N05 and FSM-N06 and relevant Technology Risk Management guidelines) and industry standards/ frameworks such as NIST, ISO 27001/2.​
• Professional certification related to technology risk and security is an advantage (e.g. CISA, CRISC, CISSP etc)
• Possess critical thinking capabilities including strong problem-solving and judgment skills.​
• Agile and growth mindset with the ability to embrace change and drive innovation in risk management practices.
• Self-motivated and adaptable with strong initiative and desire to learn and develop.​
• Excellent communication and interpersonal skills for effective collaboration across departments.​
• Proficient in Presentation slides and Excel.​