China Bank IT Risk Coverage Officer
The Asia Technology & Data (T&D) Department is seeking an experienced Technology & Information Risk (TIR) professional to join China Bank T&D team in Zhuhai, responsible for leading all aspects of technology risk managements in China Bank.
The applicant will have oversight and cross IT-Silo co-ordination of technology risk activities, issues/action plans arising from the inspections/audits, self assessments, and other internal risk related assessment processes and will work with T&D development and infrastructure teams to identify and enhance risk controls.
As the China Bank Technology Risk manager, the applicant will report to the China Bank CIO and provide regular technology risk management status updates to the banks Operation risk committee.
This position’s responsibilities will include:
² Management and co-ordination of responses to regulatory inquiries/inspections/audits and monitoring resolution of regulatory findings.
² Work on supporting global technology risk assessment programs and help define local requirements.
² Assessment of IT risk exposures. Conduct self-assessment and data analysis to help identify technology related risks and exceptions, and subsequently monitor, track and manage them. Areas and examples for these analyses include vendor and supplier related risks, stability and incidents etc.
² Supporting the implementation and maintenance of T&D policies and standard. Enforcing compliance with Firm-standard technology risk posture in the region.
² Providing greater communication and transparency of TIR processes to business units. Represent technology risk at the local industry wide technology risk forums.
Skills / Experience Required:
² Strong understanding of financial industry businesses and technology risk concept and China regulatory environment and/or experience as technology auditor.
² Working experience of risk assessment methodologies, internal controls and industry technology risk management frameworks such as ITIL, CobiT, and ISO 27001
² Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization. Excellent influencing and negotiation skills
² Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience
² Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.
² A proven track record in global and cross team projects. Strong project management skills
² Strong analytical skills required to enable independent research and accurate assessments of risk management process effectiveness and adherence to regulatory requirements.
² Willingness to travel domestically and occasionally internationally
² 5-10 years of relevant Technology Risk, IT Security and Information Security experience
Industry certifications such as CISA, CISSP, CISM, CRISC