IT Security Digital Risk Officer to join APAC IT Security Risk Management team to deliver specialist Digital Risk Management to the business as part of the digital transformation initiatives of the Bank.
This role is primary responsible for risk assessment engagement in Digital projects from all APAC business units, ensuring that digital risk is properly recognized, assessed and mitigated, and digital risk management strategies, tools, framework and standards are in place. This role will coordinate across APAC IT Security functions, identifying and delivering solutions to digital risk issues and proactively identifying improvements
- Work closely with Global IT Security & Risk Assessment team to follow-up on strategic digital transformation projects and related security issues
- Register, follow up and track Security recommendations, findings & security exception/risk acceptance
- Provide accurate and timely Information technology Security Risk Assessment reports
- Work closely with asset owners or representatives and technical staff to communicate, drive and track the implementation/remediation of security recommendation/findings
- Provide consultation and recommendations on IT Security & Risk Management related topics in APAC region with primary focus on Bank’s Digital transformation initiatives
- Perform Firewall Pre-Change Review for APAC on Digitalization projects. Take part of the network firewall rules approval process, by reviewing and approving FW requests
IT Security Risk Assessment:
- Extended knowledge of IT infrastructure & network and application security. Proficient in Fintech, Cloud, Mobile, Virtualization, and Sandbox technologies, agile development methodology, and Infrastructure & network (Internet, Intranet, Extranet, DMZ), and Application (Web, Client-Server, payment systems) security reviews
- Extended knowledge of IT Security Risk Management concepts and with good understanding of industry APAC regulations i.e. MAS TRM, HKMA, FSA, etc
- At least 5 years of direct IT Security Risk Assessment experience with a strong background in Infrastructure & Network and Application Risk Assessment, security operations, software development, and network & system administration. Prior experience in emerging digital risk assessment methodology and its application is preferred
- Must be able to handle stakeholders in a confident, positive and responsive manner
- Good communication, technical writing skills.
- Must be motivated, and able to work independently as well as part of a team.
- Must demonstrate ethical responsibility, maturity, and discretion