Assistant Vice President, Regional Technology Risk Manager

The Role

As a member of the Technology Risk Team, you will be collaborating with various stakeholders within SMBC Technology teams, regional branches, Risk Department or Legal/Compliance to manage technology related risks as well as participating in IT Governance, Risk and Compliance (GRC) activities within the region.

Job Responsibilities

• Oversee IT GRC activities within APAC branches such as collating risk reports, supporting branches audits, reviewing Risk acceptance requests.
• Manage or support regulatory compliance effort within the region, e.g., MAS Cyber Hygiene or RMiT gap analysis, follow up on questionnaires and Circulars etc.
• Function as a consultant/advisor on risk & control or regulatory matters to technology units, as well as working with them to resolve technology risk issues.
• Coordinate and facilitate the control self-assessment activities, including conducting independent control testing where necessary or reviewing appropriateness of control descriptions.
• Offer effective 1LOD challenge to technology units on risk remediation priorities and provide risk opinion, advisories & recommendations to IT management and 2LOD.
• Support 2LOD in risk governance activities, e.g., establish KRIs and Technology Management Framework as well as monitoring/reporting of KRIs.
• Maintain and upkeep IT policies and processes owned by the team.

Job Requirements

• Master’s or bachelor’s degree in a technical discipline preferably in Computer Science/Engineering or equivalent.
• Min. 5 years of working experience with min. 3 years in risk & control or audit function in the financial industry.
• Ability to identify risks and assess adequacy of controls as well as recommending suitable control enhancements.
• Good appreciation of cyber risk management strategies/controls in the industry
• Excellent communication, presentation, and interpersonal skills and able to manage stakeholders across multiple disciplines.
• Prior experience in delivering security awareness training within the organization.
• Strong critical thinker with the vision to work both tactically and strategically.
• Candidates with CISSP or CISM certification is preferred.
• Experienced candidate would be considered for a senior role.
• Work location: One@ChangiCity