My client, a leading enterprise with one of the largest sophisticated technology setups, is looking for a Technology Risk Manager to manage their second-level line of defense. You will be working with some of the best people in the field to manage a large technology transformation across technology risk and governance.
Responsibilities:
Manage Information Security and Risk Management including technology governance, BCP, regulatory and internal requirements.
Work with different technology stakeholders to facilitate internal/external audits.
Resolve negative audit findings reported by the security audit team and track the remediation progress.
Enhance audit process and proficiency by implementing audit standards, methodologies, and techniques
Identify potential risks, forecast trends, and uncover insight through various Data Engineering and Analytics.
Identify and capture risks and exceptions and subsequently monitor, track, and manage them
Assist to process regular assessment and penetration testing on different applications
Requirements:
Around 6 - 8 years of experience in technology risk management or relevant IT control, and audit functions in the financial industry.
Familiar with technology risk management and regulatory requirements.
Previous IT Security & Risk control or audit experience will be an advantage.
Exposure to security and technology knowledge including DevSecOps and cloud infrastructure.
Project Management experience in leading large-scale IT Security & Risk Control or Audit projects.
Knowledge of ISMS, ISO27001, and OWASP IT Security Frameworks.
CISA, CISM, or/and CISSP certification is preferred.
Excellent communication skills in English.
Degree from a Reputable University.