isecjobs.com

Vice President, Technology Risk Governance

Menara Affin, TRX

Full Time Executive-level / Director USD 31K - 72K *
AFFIN Group logo

AFFIN Group

View all jobs at AFFIN Group

Apply now Apply later

Create your future with Affin! ​​You too can make a difference.

Join us at AFFIN, where the open minds meet and be inspired by a shared commitment to great work. Here, you don’t just stay at the forefront of the industry – you can make a difference too.

JOB PURPOSE

  • Establish and maintain governance and oversight on the effectiveness of Technology Risk Management for Affin Group.

  • This function will be responsible for maintaining a strong Technology Risk Management culture, formulating/reviewing the technology risk appetite, tolerances, and threshold that aligns with the Banking Group’s risk appetite, and establishing/maintaining a program to identify, assess, measure, monitor, control, and report on significant technology risks.

ACCOUNTABILITIES

  • Review and maintain technology risk metrics, including management dashboard and reporting.

  • Conduct independent assessments or risk reviews to identify, assess and evaluate potential and emerging IT and Cyber threats as well as strategies to reduce, mitigate or transfer the Technology and Cyber risk.

  • Provide advisory, guidance, and recommendation on aspects related to technology risks, particularly in the area of Information Security and Controls, and ensure compliance with the internal IT policies & procedures, as well as regulatory guidelines.

  • Responsible for driving and supporting the Technology Risk awareness and training programs.

  • Work closely with the Business Continuity Management team and Technology team in defining/updating the issues management, as well as Crisis Management and communication processes.

  • Work with the Technology team to ensure relevant regulatory, banking industry and IT best practices are in place or incorporated into the existing policy, procedures and standards.

  • Monitor and report the compliance status of the frameworks, policies, and other technology related regulatory requirements.

  • Provide support to the first line of defense on the establishment of Technology Risk awareness and training programs.

  • Keep abreast of the latest technology and the emerging technology threat landscape.

  • Support the Head of Technology Risk, GCRO, and Senior Management in overseeing the effective implementation of Technology Risk Management at entities level.

JOB REQUIREMENTS

  • Degree in IT, IS or Computing, and/or other relevant domains.

  • Minimum of 5 years of working experience in Technology Risk Management, Cyber Risk Management, Information Security, or IT audit for the financial services industry.

  • Professional certification such as CISA, CEH, CRISC, and CISSP is an added advantage.

  • Possess good knowledge and experience with IT Governance and Control, Information Security, and Information Technology Risk Management.

  • Solid experience in undertaking technical security assessments of IT solutions.

  • Familiar with Bank Negara Malaysia regulatory requirements related to Technology Risk.

  • Strong analytical, influencing, and problem-resolution skills.

  • Ability to engage regulators during the inspection.

  • Good written and communication skills, and ability to interact with senior management, as well as different stakeholders from different divisions and departments.

  • Ability to work and collaborate with people across seniority and cultures.

  • Ability to work independently with minimum supervision.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  2  0  0
Categories: Compliance Jobs Leadership Jobs

Tags: Audits Banking CEH CISA CISSP Compliance CRISC Governance Risk management Security assessment

Region: Asia/Pacific
Country: Malaysia

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSecurity Consultant jobsSenior Penetration Tester jobsIT Security Engineer jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsStaff Security Engineer jobsIT Security Analyst jobsInformation System Security Officer (ISSO) jobsPrincipal Security Engineer jobsCloud Security Architect jobsCyber Security Architect jobsSystems Engineer jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobs
CI/CD jobsSaaS jobsMalware jobsForensics jobsEncryption jobsEDR jobsIDS jobsSplunk jobsTop Secret jobsIPS jobsRMF jobsSDLC jobsSQL jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsDoDD 8570 jobsOWASP jobsITIL jobsFinance jobsDocker jobsActive Directory jobsTCP/IP jobsCRISC jobs
IT infrastructure jobsGIAC jobsVPN jobsHIPAA jobsUNIX jobsBanking jobsTerraform jobsClearance Required jobsSANS jobsJavaScript jobsDNS jobsPolygraph jobsSOX jobsCISO jobsOSCP jobsAnsible jobsCCSP jobsMITRE ATT&CK jobsSOC 2 jobsJira jobsGCIH jobsData Analytics jobsCryptography jobsCyber defense jobsSOAR jobs