NFRM Business and System Resilience Senior Specialist - Technology Risk SG
Singapore
CIMB
CIMB Group is the leading ASEAN Universal Bank and home for all your personal and business financial needs. Know more about our group here.Responsibilities:
- Establish and implement robust Technology Risk Management strategies, framework and policies to manage technology and cybers risks across the enterprise and enable the organization to be better prepared to mitigate and manage these risks in the face of evolving system/information security and cyber threat.
- Play a pivotal role as subject matter expert on Technology Risk to review and provide insightful advice & objective assessment to BUs/BEs on the evaluation of technology resiliency and cyber security, including third-party arrangements and business continuity.
- Work closely with country and Group IT stakeholders and other NFRM specialists in establishing coherent business and operational resilience strategies, roadmap and business continuity plan to strengthen the Bank’s technology risk resilience, address potential vulnerabilities and ensure continuity of business operation with better responsiveness and recovery from technology-related incidents.
- Drive the continuous improvement initiatives to ensure technology risks and cyber threat are identified with corresponding operational risks controls and framework, and mitigating actions.
- Ensure effective enforcement of technology risk management framework, Group Policies & Procedures and develop a set of Singapore specific addendums and facilitating the technology risk management policies, processes as well as validating compliance with the approved Group Policy and Procedures.
- Proactively assess the compliance exposure to current and emerging security and technology related to MAS and other technology-related regulatory requirements, plan and track remediation efforts.
- Work in collaboration with IT to implement the Cyber Defence Program to focus on protection against cyber threats by leveraging threat intelligence, building up the Bank’s cyber response readiness and modernizing the Bank’s cyber surveillance technology.
- Work in collaboration with other NFRM specialists on the validation of various control environment testing results and deep-dive review and control of the key risk indicators related to technology risk. Perform sample checks on the effectiveness of BUs/BEs’ technology risk controls for assessment of risk rating.
- Work collaboratively with the Chairperson of the TRC and effectively articulate and communicate Technology risk framework, concepts, controls and protocols to relevant stakeholders in various BUs/BEs.
- Provide strategic advisory and insightful guidance to the risk committees / working groups / forums / steering committees related to change process management or projects specifically addressing matters related to Technology Risk and Cyber Security.
- Report and escalate to Senior Management / risk committees on Technology risk exposure and mitigation activities or any other high or critical issues requiring attention and remediation.
Requirements:
- Graduate degree in Economics, Finance, Accounting or numerate studies
- Professional information security certifications such as CISA, CRISC and/or CISSP would be an advantage
- At least 15 years of working experience with sound knowledge and experience of cybersecurity and information security risk management, preferably within the Financial Services sector.
- Strong knowledge of operational risk frameworks and understanding of industry best practices including the specialized subject matter.
- Knowledge of regulatory requirements (e.g. MAS Notice 644, MAS 655, and relevant Technology Risk Management guidelines) and industry standards/ frameworks such as NIST, ISO 27001/2 and Cyber Security Act.
- Forward and strategic thinking with the ability to deliver pragmatic solutions to risk issues independently.
- Agile mindset with the ability to embrace change and drive innovation in risk management practices.
- Excellent communication and interpersonal skills for effective collaboration across departments.
- Leadership qualities to inspire and mentor teams towards professional growth and continuous learning.
- Strong analytical, problem-solving, and judgment skills.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
0
0
0
Category:
Compliance Jobs
Tags: Agile CISA CISSP Compliance CRISC Finance ISO 27001 NIST Risk management RMF Surveillance Threat intelligence Vulnerabilities
Perks/benefits: Career development
Region:
Asia/Pacific
Country:
Singapore
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Systems Security Officer jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Information Security Analyst jobsSenior Penetration Tester jobsSecurity Specialist jobsCyber Security Specialist jobsIT Security Engineer jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsIT Security Analyst jobsPrincipal Security Engineer jobsInformation System Security Officer (ISSO) jobsStaff Security Engineer jobsCloud Security Architect jobsCyber Security Architect jobsSecurity Operations Analyst jobsSenior Information Security Engineer jobsSystems Administrator jobsThreat Intelligence Analyst jobs
GDPR jobsSaaS jobsForensics jobsEncryption jobsMalware jobsTop Secret jobsEDR jobsSDLC jobsSplunk jobsRMF jobsSQL jobsIDS jobsIPS jobsBash jobsCompTIA jobsIntrusion detection jobsDoDD 8570 jobsDocker jobsThreat detection jobsFinance jobsITIL jobsOWASP jobsTCP/IP jobsTerraform jobsActive Directory jobs
VPN jobsCRISC jobsGIAC jobsUNIX jobsClearance Required jobsIT infrastructure jobsBanking jobsSANS jobsJavaScript jobsPolygraph jobsAnsible jobsHIPAA jobsJira jobsDNS jobsMITRE ATT&CK jobsSOX jobsOSCP jobsCCSP jobsData Analytics jobsMachine Learning jobsSOC 2 jobsSecurity strategy jobsSOAR jobsGCIH jobsCISO jobs