Senior Manager, Group Technology Assurance

About FWD Group

FWD Group is a pan-Asian life and health insurance business with more than 12 million customers across 10 markets, including some of the fastest-growing insurance markets in the world. The company was established in 2013 and is focused on changing the way people feel about insurance. FWD’s customer-led and digitally enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience.

For more information, please visit www.fwd.com

For more information about FWD Hong Kong, please visit www.fwd.com.hk/.

PURPOSE

• Lead the overall technical assurance definition and execution of the Technology Assurance framework and programs that guide, monitor, evaluate and report on the efficiency of the internal controls related to technology.
• Be the subject matter and provide expertise level guidance on compliance requirements related to technology for control/process documentation, testing and issue management.  
• Lead and drive the collaboration with Group InfoSec Governance to effectively assess the critical and key gaps against standards, as well as international and local regulatory requirements related to technology. 
• Lead and manage the Technology assessment at an expert level and evaluate and advise the overall design and effectiveness of all key technology controls throughout the business cycle.

KEY ACCOUNTABILITIES

• Contribute and support the Head of Technology Assurance & Information Security Governance in defining, developing and maintaining technology assurance framework in all FWD markets in accordance with the Group Technology Roadmap.
• Work closely with senior management of business units and within Group Technology through tracking and reporting function, to ensure regular updates to management on the Technology Assurance programs.
• Be accountable for the planning, management and execution of the day-to-day activities of Technology related audit engagements.
• Ensure system and control owners are identified; and coordinate with owners to support technology assurance and assessment activities.
• Collaborate with key technology, business, risk, audit and compliance teams to identify, evaluate and address critical technology related risks.
• Proactively research industry trends and define, influence and implement appropriate and practical technology related KRIs, metrics and solutions to create and enhance process efficiency and address key risks. 
• Define, oversee and ensure all test scenarios for effectiveness of the internal controls and provide guidance to remediate the deficiencies/ weaknesses.
• Ensure FWD readiness for IT Security Internal/External audits.
• Advise BUs on Technology risk assessment.

QUALIFICATIONS / EXPERIENCE

• Minimum 6-8 years of experience in IT Audit and Risk Assessment.
• Degree from Information Technology or equivalent discipline
• One of industry recognized certification such as CGEIT, CISSP, CISM, CISA, ISO 27001, CRISC, PCI DSS etc.

KNOWLEDGE & TECHNICAL SKILLS

• Excellent stakeholder management and communication skills.
• Project delivering experience
• Solid understanding of current and emerging technologies.
• Understanding of IT SOX and other IT/IS frameworks and best practices such as COSO, COBIT, ITIL, ISO 27001, SOC 2, 3, etc.
• Good knowledge of privacy regulations and data protection.
• Detailed oriented and able to work under pressure and accustomed to work under tight deadlines.
• Team-oriented, collaborative, diplomatic and flexible.
• Strong written and verbal communication skills, strong interpersonal skills and the ability to communicate effectively across business units.