Snr Analyst, Digital &Pymt Sys (1011483)
- Full Time, onsite
- RHB Banking Group
- Selangor Business/Systems Analysts (Information & Communication Technology) Full time, Malaysia
Apply on
Description
Primary Objective:
Custodian and system expert who can advise, analyze, plan, implement, maintain, support (and retire/refresh where required) all locally hosted (On premise, Cloud) business applications and platforms required to run Singapore operations:
Common to all Senior Analyst
- Maintain and ensure business application running in production are kept running and supported in a healthy state;
- Analyze and recommend new application and platform acquisitions to meet evolving Singapore Operation’s needs based on capturing and documenting business requirements elicited from business stakeholders
- Where the business application is in-house developed do the required coding and development, otherwise engage with 3rd party vendor to get enhancements developed and then deploy into test and prod when ready
- Ensure IT is operated in a manner that complies with Bank Policies and frameworks, standards, circulars, guidelines and MAS regulated act, notices, circulars, and guidelines applicable to technology (Compliance, Audit, Risk Adherence). – Application and Platforms
- Ensure IT assets are protected and secure – Applications and Platforms
- Assist in annual budgeting – Applications and Platforms
- Be a key stakeholder and technology partner on the bank Digital journey.
- Foster and champion bank PRIDE values within the technology department and imbue the department with a culture of teamwork, innovation, discipline, resiliency and dedication to how work is approached.
- Where vendor based solution approach adopted and/or outsourced approach, arrange due diligence and assessment from technology perspective on behalf of users.
- Provide day-to-day support to business users on any application system issues or constraints
- Ensure assigned application deployments running on bank managed environments are properly QA and meet conditions.
- Co-ordinate the setup and manage test environments to ensure business can do their enhancements and new projects testing for assign applications.
Specific to Digital and Payments
Digital and Payments: Digital, Payments and Channel systems such as Mobile Banking (MBK), SOA / API and Messaging platforms, UAS/E2EE/MFA customer token platform, Digital onboarding, ATMs, SWIFT/MEPS+, G3 Fast and Bulk Payments, Cheque processing system, Enterprise workflow system, document share system, RPA
Key Responsibilities:
Strategy, Planning, Mgmt. Reporting
- Provide expert advice and support to technology management in the area of expertise
- Contribute in the formulation a comprehensive Branch IT strategy covering IT policies and procedures, security, architecture, business solutions and operational functional requirements
- Keep abreast of developments and innovations in the FI IT landscape
- Provide mentorship, support and guidance to colleagues, share information and facilitate problem solving
- Contribute in the yearly budgeting for IT expenditures and investments.
IT Operations
- Ensure business applications running in production are healthy and functioning per expected.
- Ensure prompt and efficient provision of IT support based on assigned area of expertise (includes request from Data center operations team)
- Oversee contingency plans and ensure their adequacy
- Ensure IT assets are protected and secure
- Maintain and ensure timely renewal of digital certificates and proper lodgment with IT security team.
- Ensure IT operations run in a manner consistent with high score from audit, risk, compliance assessments. The following to be operationalized as standard procedure against all IT asset components:
- Administrative Accounts – All admin accounts lodged into PAM solution per group IT Security guidelines and MAS notice 655 point 4.1
- Patching – Patch notification process established with vendors and patch calendar updated, upon patch release assessment and implementation as needed Per patching guidelines and MAS notice 655 point 4.2
- Hardening - Per component definition and enforcement against SG security standard and Group IT Security guidelines and SG addendum/s and MAS notice 655 point 4.3
- Network Perimeter Defense – Network traffic and segments, firewalls, proxies, dns, vpn access setup in secure manner per group IT security guidelines and MAS notice 655 4.4
- Malware – IT Security consulted and all required IT security protections installed on IT assets per MAS notice 655 point 4.5
- Multi-factor Authentication – MFA, where applicable implement MFA of administrative and internet accounts with access to customer information using PAM per MAS notice 655 point 4.6
- Logging and Monitoring – Security, Capacity, Downtime, Audit
- Capacity Mgmt. – Pre-emptive monitoring (via monitoring), planning and execution of capacity upgrades as needed
- EOL/EOS Upgrades – Per group guidelines. Track and execute upgrades and/or do risk assessment and deviation approval.
- Housekeeping – scripted clean-ups and truncations of logs and temp files after necessary archives executed
- Backups – Required backup strategy per backup guidelines operationalized to central Backup Platform. Recurring scheduled backup validation activities scheduled and performed ongoing to ensure backups working per need.
- Work with system stakeholders to ensure proper classification of system criticality and ensure design and architecture can meet the assessed criticality needs:
- MAS 644 defined Critical system – Ensure DR setup and working and can achieve RTO within 4 hours, RPO within 2 hours and maximum unplanned downtime of not more than 4 hours per rolling 12 months;
- MAS 644 defined non-critical system – Ensure HA/DR per stakeholder requirement.
- BCM related activity planning and execution
- Review and Approve/Reject production change requests as part of TCAB committee
- Raise CAB CR as necessary
- Cutover related planning and execution
- Ensure and maintain adequate test environments in good working order to support enhancements and new projects;
- Adhere to SDLC for both in-house and 3rd party solution platforms.
- Take BAU day 2 operational ownership in terms of maintenance, support and minor enhancement ownership of new systems and/or major enhancements delivered by the Digital Delivery and DevOps team
- Track IT related spend against budget.
- Write Memos to authorize procurements
- Write Memos to get deviation approvals where required.
Application and Systems Development / New Platform Acquisition
- Lead in the requirements gathering and documentation, design and where in-house the coding, test support and implementation of new systems or enhancements of existing systems:
- Analyze, design, document and develop technical solutions according to business requirements (or in case of off the shelf, co-ordinate with 3rd party vendor)
- Provide accurate, complete and up to date system documentation
- Provide training to users to ensure correct usage and proper adoption upon rollout
- Oversee the QA of software implementation
- Oversee the deployment and implementation of applications to run on Cloud for existing systems based on end-user needs and business rationale.
- Assist team lead to write and table committee papers as required to get new systems and/or platforms, or major refreshes approved.
- Write Memos to authorize procurements
- Write Memos to get deviation approvals where required
- Work together with Digital Delivery and DevOps team to support digital and cloud initiatives in terms of initial advisory and then follow-on necessary analysis and co-ordination/implementation related to integration requirements and enhancement required to existing business applications to enable the digital initiative.
- Work with Digital Delivery and DevOps team to support migration of workloads running on-premises to Cloud.
Regulatory and Procedural Expertise
- Keep up to date and refreshed on required reading related to guiding how IT must be run in a regulated Financial institution. Minimum read list:
- MAS Technology Risk Management Guidelines (TRMG)
- MAS Notice 644 – Technology Risk Management.
- MAS Notice 655 – Cyber Hygiene
- MAS Outsourcing Guidelines
- RHB Group IT Security Guidelines and SG addendum/s
- SG Patching Guidelines
- SG Backup Guidelines
- SG Technology Department Operational Manual (OM)
- SG IT Standard Operational Procedures (SOP), and System Manuals (SM)
- SG Procurement Operational Manual (OM)
Other Responsibilities
- Participate in Monthly Technology Department meetings.
- Participate in regular Team meeting.
- Use Department issue and work tracking platform.
- Maintain and keep up to date team knowledge base and assist in updating team document assets such as system manual / standard operating procedures (SOP), and operations manuals
Requirements
Bachelor Degree - Bachelor Degree/Masters Qualification.
-
- TOGAF architecture certification (not mandatory)• .
Net developer related certification (not mandatory)
- Java developer related certification (not mandatory)
- SQL Developer related certification (not mandatory)
- Minimum 5 years of experience documenting requirements, designing solutions, and coding or configuring off the shelf software as part of technology department in a financial institution based in Malaysia or Singapore
- Minimum 3 years of experience in providing level 3 IT operations support in a financial institution based out of Malaysia or Singapore.
- Experience managing vendors
- Working knowledge of bank operations and products
- Experience in level 2/3 support and also writing and reviewing Functional specifications, Technical design documents, interface documents in the domain of digital channel systems and/or payment platforms SWIFT/MEPS+, G3.
- Experience in agile based SDLC methodologies
- JavaScript / Node.js | .Net | Java | SQL | Python | Shell Scripting development skills
Benefits
Dental, Education support, Miscellaneous allowance, Medical, Loans, Sports (e.g. Gym), Parking, Vision, Regular hours, Mondays - Fridays, Casual Business Wear, Performance Based Rewards