isecjobs.com

Technology Risk Specialist SG

Malaysia

Full Time Senior-level / Expert USD 28K - 67K * est.
Company logo

CIMB

CIMB Group is the leading ASEAN Universal Bank and home for all your personal and business financial needs. Know more about our group here.

View all jobs at CIMB

Apply now Apply later

Key Responsibilities 

Business and System Resilience 

  1. Foster agility and growth mindset to implement robust TRM strategies, framework and policies to manage technology and cybers risks of CIMB Singapore to be better prepared to mitigate and manage these risks in the face of evolving system/information security and cyber threat.​
  2. Work closely with CIMB Singapore and Group IT stakeholders and other NFRM specialists in supporting business and operational resilience strategies, roadmap and business continuity plan to strengthen the Bank’s technology risk resilience, address potential vulnerabilities and ensure continuity of business operation with better responsiveness and recovery from technology-related incidents.​
  3. Facilitate the continuous improvement initiatives to ensure technology risks and cyber threat are identified with corresponding operational risks controls and framework, and mitigating actions.​
  4. Work in collaboration with IT to implement the Cyber Defence Program to focus on protection against cyber threats by leveraging threat intelligence, building up the Bank’s cyber response readiness and modernizing the Bank’s cyber surveillance technology.​
  5. Work in collaboration with other NFRM specialists on the validation of various control environment testing results and deep-dive review and control of the key risk indicators related to technology risk. Perform sample checks on the effectiveness of BUs/BEs’ technology risk controls for assessment of risk rating.​
  6. Facilitate the analysis, reporting and escalation to risk committees / working groups / forums / steering committees related to change process management or projects specifically addressing matters related to Technology Risk and Cyber Security. ​
  7. Report and escalate to risk committees on Technology risk exposure and mitigation activities or any other high or critical issues requiring attention and remediation.​
  8. Provide secretariat function and support for SG Technology Risk Committee and / or other SG risk committees.​

People Management – Customer and Employee Engagement & Development

Customer:

  1. Foster collaboration with CIMB Singapore BUs/BEs, and other relevant cross-functional stakeholders within Risk.​
  2. Build and maintain strong relationships and rapport with various business units, business support function units and other areas of risk management within CIMB Singapore.​
  3. Promote and foster a collaborative and high-performance risk culture for sustainable growth.

Employee Engagement & Development:

  1. Provide guidance and / or support to team members, ensuring alignment with the Bank’s strategic objectives and Group Risk priorities.​
  2. Embrace CIMB EPICC culture and values.​

Regulatory Compliance

  1. Provide support to Singapore Risk in addressing MAS requirements and audit request, ensuring the Branch’s risk framework and practices are in compliance with the applicable banking laws, regulations, internal policies and procedures.​
  2. Stay abreast of industry trends, regulatory developments and best practices in technology risk management to continuously enhance the bank’s risk management capabilities.

Job Requirements

  • Undergraduate degree in Computer Science, Information Technology or Engineering
  • Preference for  Information Security and Risk certification. Such as CISA, CRISC, CISSP and CISM.
  • At least 5-10 years of working experience with sound knowledge and experience of cybersecurity and information security risk management, preferably within the Financial Services sector.​
  • Strong knowledge of operational risk frameworks and understanding of industry best practices including the specialized subject matter. Knowledge of relevant regulatory technology risk management guidelines / requirements (e.g. MAS FSM-N05 and FSM-N06 and relevant Technology Risk Management guidelines) and industry standards/ frameworks such as NIST, ISO 27001/2.​
  • Professional certification related to technology risk and security is an advantage (e.g. CISA, CRISC, CISSP etc)
  • Possess critical thinking capabilities including strong problem-solving and judgment skills.​
  • Agile and growth mindset with the ability to embrace change and drive innovation in risk management practices.
  • Self-motivated and adaptable with strong initiative and desire to learn and develop.​
  • Excellent communication and interpersonal skills for effective collaboration across departments.​
  • Proficient in Presentation slides and Excel.​
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0
Category: Compliance Jobs

Tags: Agile Banking CISA CISM CISSP Compliance Computer Science CRISC ISO 27001 NIST Risk management Surveillance Threat intelligence Vulnerabilities

Perks/benefits: Team events

Region: Asia/Pacific
Country: Malaysia

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Security Operations Engineer jobsSenior Cloud Security Engineer jobsSystems Administrator jobsSenior Security Analyst jobsSenior Cybersecurity Engineer jobsIT Security Analyst jobsSenior Information Security Analyst jobsCyber Security Specialist jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Information Security Engineer jobsSenior Product Security Engineer jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsChief Information Security Officer jobsInformation Systems Security Engineer jobsSecurity Specialist jobsIT Security Engineer jobsSenior Cyber Security Engineer jobsSenior Software Engineer jobsCyber Threat Intelligence Analyst jobsCybersecurity Specialist jobsSenior IT Auditor jobsCyber Security Architect jobsSecurity Operations Analyst jobs
EDR jobsEncryption jobsTS/SCI jobsCEH jobsJava jobsThreat detection jobsSDLC jobsSplunk jobsTerraform jobsIDS jobsMalware jobsFinance jobsIPS jobsRMF jobsTop Secret jobsForensics jobsSQL jobsDocker jobsSOC 2 jobsActive Directory jobsCompTIA jobsIntrusion detection jobsOWASP jobsITIL jobsCRISC jobs
Clearance Required jobsGIAC jobsHIPAA jobsTCP/IP jobsAnsible jobsVPN jobsDoDD 8570 jobsSOAR jobsIT infrastructure jobsOSCP jobsMITRE ATT&CK jobsData Analytics jobsJira jobsDNS jobsSOX jobsBanking jobsUNIX jobsCCSP jobsZero Trust jobsIndustrial jobsJavaScript jobsCISO jobsGCIH jobsMachine Learning jobsArtificial Intelligence jobs