Tech and Cyber Risk Manager (ANEXT)

Posted 15 September 2023
Job type Permanent
DisciplineTechnology - Transformation & Consulting

Job Description

We are working on a confidential role with a Digibank in hiring a Tech and Cyber Risk Manager.

Key Responsibilities:

  • Define, update and manage bank-wide tech, cyber, data management policies in coordination with different tech and business function
  • Ensure policies are consistently applied across the bank and monitor adherence to the defined policies
  • Perform risk identification and assessments in the tech, cyber and data governance space
  • Manage the bank’s tech and cyber risk management programs
  • Manage tech and cyber risk due diligence on the bank’s their parties including service suppliers, partners as required
  • Work with tech and business functions to ensure compliance with policies and regulatory requirements
  • Perform risk monitoring including continuous assessments to monitor the tech and cyber risk compliance such as RCSA, KRI
  • Initiate and implement continuous enhancements of risk monitoring process
  • Monitor new regulatory requirements, conduct gap analyses against new regulations and guidelines
  • Monitor risk landscapes and emerging threats to the bank, understand the evolving risks and also new technologies in managing such risks
Key Requirements:
  • BS/MS in Computer Science / Computer Engineering / Cybersecurity with 7 years and above relevant experience in cyber security or information technology risk management
  • Strong understanding of banking industry best practices, policies and standards in the area of tech & cyber risk management, data governance
  • Strong understanding of regulatory requirements from MAS and other financial regulators in the region
  • Practical experience performing tech and cyber risk assessments, compliance assessments and audit
  • Practical experience managing internal, external audits and regulatory engagements
  • Practical experience working as the owner of tech and cyber risk programs
  • Preferably with either CISA, CISM, CRISC, CISSP certifications