Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.
Responsibilities
Be the subject matter expertise to provide guidance and support to the various Technology and Business Support teams in terms of technology governance and industry recommended practices.
Devise the process to perform the risk assessment, validate the risks identified, and propose mitigation controls for the risk areas with stakeholders.
Lead and manage the technology risk assessment and compliance review activities with various stakeholders, including but not limited to regulatory guidelines and standards.
Perform data analysis on the procedure/process for review activities to ensure compliance to Bank's IT and Security policies and standards.
Support the stakeholders in finding ways to improve process, operational efficiency, and effectiveness.
Provide technical expertise/consultation for process improvement and quality assurance to project managers and IT teams from Technology Risk perspective.
Track process improvements progress to ensure timely closure.
Build rapport and partner with the respective stakeholders, IT teams (Application, Cybersecurity, Infrastructure) to assess and manage Technology Risks relating to Site Reliability Engineering, Cyber Security and Emerging Technology, including but not limited to Blockchain, 5G, IOT and Cloud Services
Communication and Collaboration
Provide timely and periodic update to managements on audit, security and controls matters.
Communicate and provide guidance of new policies and standards to relevant application teams.
Requirements
Degree in Computer Science, Engineering, Information Technology, or related discipline with minimum 12 years of working experience in the Financial / Banking IT industry
Experience in conducting IT audit, performing risk assessment or regulatory compliance reviews.
Possess Professional Certifications in Risk Management, Audit, Cybersecurity like CRISC/CGEIT/ITIL /CRMA/CISSP/ CISA/ CISM, or related training will be advantageous.
Strong verbal & written communication skills particularly effective documentation skills.
Familiar with Microsoft Office suite: Words, Excel, PowerPoint etc.
Knowledgeable with Software Development Life Cycle, Infrastructure platforms, User Access Controls, Clouds and Cybersecurity Controls
Good understanding of processes in the areas of technology and business, cybersecurity issues, and operational risks.
Knowledge of the Banking Act - MAS Technology Risk Management Guidelines, Information Security Policy, Cyber Security Act, MAS Outsourcing Guidelines etc.
Demonstrated experience of leveraging data and analytics to get stakeholder buy-in that help with process improvement.
Meticulous with eye on details and ability to perform deep-dive investigation and crunching for control and process issues.
Able to manage stress and multi-task in a fast-paced environment, and able to work on irregular working hours (when need to)
Able to collaborate and manage stakeholders at various levels from the operating level to the senior management across locations.
Able to effectively manage time, prioritize tasks and responsibilities.
Systemic thinking with strong analytical and planning skills