Manager, Technology Assurance

About FWD Group

FWD Group is a pan-Asian life and health insurance business with more than 12 million customers across 10 markets, including some of the fastest-growing insurance markets in the world. The company was established in 2013 and is focused on changing the way people feel about insurance. FWD’s customer-led and digitally enabled approach aims to deliver innovative propositions, easy-to-understand products and a simpler insurance experience.

For more information, please visit www.fwd.com

FWD Technology and Innovation Malaysia Sdn. Bhd., known as FWD TIM, was established in late 2019. Strategically located in Kuala Lumpur, FWD TIM serves as a pivotal shared service location within FWD Group, providing services to multiple markets across the Group. FWD TIM houses a diverse and talented workforce focused on essential business and technology services such as information security, cloud operations, IT solutions delivery, digital and data, actuarial, finance, investments, and customer service, among many others. FWD TIM is dedicated to drive and deliver operational excellence and efficiency, foster innovation and ensure regulatory compliance across all business functions as well as maintain a competitive edge in the market.

PURPOSE

• Manage the end-to-end implementation of the Technology Assurance program that guides, monitors, evaluates and reports on the efficiency of the internal controls related to technology.
• Provide in-depth technical guidance on compliance requirements related to technology for control/process documentation, testing and issue management.
• Work closely with Group InfoSec Governance and Technology Assurance to effectively assess and resolve the gaps against standards, as well as international and local regulatory requirements related to technology controls.
• Drive, manage and/or perform the end-to-end Technology assessment to evaluate the design and effectiveness of technology controls throughout the business cycle.

KEY ACCOUNTABILITIES

• Manage and guide the team to perform end-to-end implementation of the technology assurance framework for all markets. 
• Coordinate and review the evidence and collection for Technology related audits.
• Identify system and control owners and drive and coordinate with owners to support technology assurance and assessment activities.
• Collaborate with key technology, business, risk, audit and compliance teams to evaluate critical technology related risks.
• Propose, implement, and guide BUs for risk resolution prioritization.
• Review the data collected and calculates for the defined Technology related KRIs and Metrics and prepare regular reports.
• Be the driver of improvement opportunities to increase efficiency and effectiveness of technology assurance program. 
• Perform and be accountable for follow-ups through closure on the outstanding deficiencies and coach and advise control owners in the design and implementation of processes and control improvement.
• Lead, develop, mentor and provide guidance to more junior members of the Tech Assurance Team.

KEY PERFORMANCE INDICATORS

• Guide FWD markets in adoption of the technology assurance framework.
• Working on a group level with all stakeholders to gather and organise and deliver key business requirements.
• Meet the objectives of the program within the defined timelines.
• Ensure Technology controls are compliant against required standards/ benchmarks and best practices.
• Ensure timely implementation of recommendations for remediating the weaknesses/deficiencies.
• Keep pace with changes in technologies in support of technology compliance programs. 
• Doing things right, creating synergies for the overall FWD goals and objectives, along with a people first approach.

EXTERNAL & INTERNAL CONTACTS

• Group IT and Information Security Teams
• Business Units Technology Teams
• Internal Audit
• External Auditors
• Vendors and/or Service Providers
• Group operational risk
• Group legal and Compliance

QUALIFICATIONS / EXPERIENCE

• Minimum 7 to 10 years of experience in IT Audit and Risk Assessment.
• Degree from Information Technology or equivalent discipline.
• One of industry recognized certification such as CGEIT, CISSP, CISM, CISA, ISO 27001, CRISC, etc.

KNOWLEDGE & TECHNICAL SKILLS

• Excellent stakeholder management, communication, influencing and negotiation skills.
• Project delivering experience
• Solid understanding of compliance requirements related to technology for control/process documentation, testing and issue management.
• Solid understanding of current and emerging technologies.
• Understanding of IT SOX and other IT/IS frameworks and best practices such as COSO, COBIT, ITIL, ISO 27001, SOC 1, 2, 3, etc.
• Good knowledge of privacy regulations and data protection.
• Good problem solving and analytics skills
• Detailed oriented and able to work under pressure and accustomed to work under tight deadlines.
• Team-oriented, collaborative, diplomatic and flexible.
• Strong ability to manage relationships and work for results
• Strong written and verbal communication skills, strong interpersonal skills and the ability to influence and communicate effectively across business units.