Vice President, IT Risk

JOB PURPOSE:

• Support the Head of Risk Management to maintain, control and improve the IT related risk management.
• Responsible for the technology risk management function of the Bank

PRINCIPAL DUTIES:

• Formulating and reviewing IT and cyber related policies for the effective implementation of Technology Risk Management Framework and the Cyber Resilience Framework
• Ensuring compliance and alignment of the Bank policies with regulatory and Parent Bank’s policies / guidelines
• Provide advice on technology and cyber related matters to senior management
• Organize and conduct IT risk assessment, Business Impact analysis and gap analysis for all technologies, products and functions of the Bank.
• Design and implement IT risk management key risk indicators in alignment with the bank’s risk appetite and tolerance levels to support business objectives.
• Review IT policies, standards and procedures to verity that they address the organisation’s internal and external risk management requirements.
• Participate in IT projects and initiatives to bring pro-active risk management focus into solutions
• Monitor and report on IT risk management and risk control status of the bank
• Support Business Continuity Management (BCM with the corresponding responsibilities)

EXPERIENCE / KNOWLEDGE REQUIRED:

• Bachelor’s degree or equivalent in IT or IT related specialisation.
• More than 5 years’ experience in IT preferably in IT risk management, IT Security and/or IT Audit related activities of the financial industry.
• Good oral and written skills in English. Competence in oral and written Mandarin is a strong advantage.
• Good interpersonal and managerial skills relating to employees, planning and policy formulation.
• Knowledge of local laws and regulations relating to IT is essential.
• Appropriately certified e.g. CISO, CISSP, CISM