Epicareer Might not Working Properly
Learn More

Risk and Cybersecurity Analyst

  • Full Time, onsite
  • Hitachi Sunway Information Systems Sdn Bhd
  • Kuala Lumpur, Malaysia
RM 3,857 - RM 9,697 / Per Mon

Apply on

Availability Status

This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.


Original
Simplified
  • Assist Technology Risk & Compliance Manager in managing technology risk and compliance within DTS communicating the Bank's direction on technology risk & compliance policies to all staff and provides advisory services and support as the Technology Risk Policy Owner (RPO)
  • Complement Risk Management Department (RMD) in facilitating and managing the transversal technology risks across the Bank
  • Assist with the implementation and enforcement of the Technology Compliance Management Framework within the department.
  • Build and maintain strategic partnership with the Bank's Internal Audit as well as respective IT process owners to ensure conformance to IT and bank-wide compliance requirements.
  • Assist Technology Risk Manager to undertake the role as Risk Policy Owner [RPO] for technology risks in the Bank [2nd line of defence].
  • Assess on the potential technology risks via environmental scanning and keeping abreast of risk trends to facilitate the identification and monitoring of technology transversal risks for the Bank including establishing risk ownership.
  • Evaluate technology risk scenarios reported by the line departments to determine the likelihood and impact of significant technology risks, with key prioritisations. Propose necessary action plans to mitigate transversal technology risks via policy issuance or other risk treatment plans.
  • Assess risk appetite and tolerance levels set by management with the respective significant activity owners and key stakeholders through awareness programs and promote effective management of transversal technology risks.
  • Consolidate and escalate transversal technology risks to RMD and the Bank’s risk oversight committees and provide expertise in technology risk related matters to complement RMD in managing emerging technology risks in the Bank.
  • Assist Technology Risk Manager in managing technology risk and undertaking the role as Line Department Risk Champion [1st line of defence] - [Annual Declaration of IT Risks].
  • Clearly define risk events, causal, existing controls, action plan and assess the likelihood and impact for departmental based on the Bank’s risk taxonomy and risk framework. Identify risks based on the 4As guiding principle – Availability, Accessibility, Agility, Accuracy and recommend risk treatment strategies and plan.
  • Share and provide value-added technology risk assessment advisory and consultancy services to stakeholders via an in-depth understanding of the stakeholder’s business area, anticipating needs of stakeholders, and continuously keeping abreast with developments in technology risk.
  • Share and provide value added technology risk assessment advisory and consultancy services to stakeholders via an in depth understanding of the stakeholder’s business area, anticipating needs of stakeholders, and continuously keeping abreast with developments in technology risk.
  • Assist Technology Compliance Manager to undertake the undertake TG role as 1.5 line of defence and performing compliance review ensuring adherence to bank’s policies and procedures, identifying gaps and ensuring all remediation actions are completed.
  • Provide independent review and facilitate the identification, assessment, and monitoring of mitigation plans for infrastructure and application components ensuring the critical and high-risk gaps are addressed and closed in a timely manner.
  • Participate in conducting self-attestation with respective owner of applications and its related components to ensure all known gaps identified are worked on and prioritised for further action based on key risk areas.
  • Stand guided by the of industry best practices in terms of new policies, standards and guidelines in ensuring IT security and design principles are embedded within solution development lifecycle.
  • Assist in collaboration across departments in managing internal and external audit programs/requests and areas that need correction to the senior management team and prioritising compliance work that requires immediate rectification or urgent escalation.
  • Provide compliance advisory for the department to avoid possible recurrence of audit issues. This is inclusive of revisit of previous action plans to ensure its relevancy for any new emerging risk.

Job Types: Full-time, Contract

Pay: RM3,857.64 - RM9,697.16 per month

Schedule:

  • Monday to Friday