Information Security Risk Manager
Industry: Banking & Financial Services
About the Role:
- You will be involved in performing IT Security Risk Assessments and Information Security Due Diligence on external parties, and in supporting businesses on all IT Security matters.
- Manage third party Information Security due diligence on bank's service suppliers, including onsite assessments
- Lead onsite or virtual assessments for third party Information Security Due Diligence, managing technology and cybersecurity controls expertise
- Identify and document control breaks and vulnerabilities within customers' IT environments and work with Lines of Business to resolve them through action plans, or assist with risk assessments
- Lead the targeted workstreams and support ad-hoc assignments as requested
- Collaborate closely with technology and business stakeholders to ensure security risks are identified, communicated and understood, so that an informed decision on risk can be made
- Guide and support IS teams of subsidiaries to ensure oversight and consistency on IT security risk and Third Party IS due diligence management
- Develop, maintain, and enhance the Information Security Due Diligence checklists, processes and operating procedures
- Continuously focus, strategize and implement process improvements i.e. automation, workflow design and digitization for an effective and efficient Third Party IT Security Posture.
- Provide reporting and tracking of work deliverables.
- Keep up-to-date awareness of security trends covering both new threats and technologies in order to understand the evolving risk and better safeguard the organization.
- Bachelor's degree in Computer Science, Information Technology
- At least 6 - 8 years of experience in Information Security and risk-related work, preferably in a large organization, especially a banking environment.
- Experience and good understanding of one or more technology areas, including Data Security, Infrastructure Security, Endpoint/Platform Security, Identity Management, Application/Mobile Application Security, Cloud Security
- Strong understanding of the Banking industry IS policy and standards, regulatory and industry trends, good practices in providing practical and appropriate recommendation, resolution and remediation options to the businesses.
- Experience in industry standards and requirements such as ISO 27001, MAS TRM, NIST, CCM
- Industry certifications issued by organizations such as ISC2, ISACA, SANS, Microsoft, CISCO, AWS, etc.
Interested applicants, please email your CV to Danielle Tan in Microsoft Word format at Danielle.firstname.lastname@example.org
Company Reg No.: 201131609D | Licence No.: 11C4684 | Reg No: R23114873, Danielle Tan