Job Description

Job Summary

• Technology is key to enabling the DBS vision of being the leading bank in Asia.

• To meet the challenges arising from the ever evolving technological advancements and increasing sophistication and demands of customers, there is a need for deft Technology Risk Managers to ensure robust risk governance.

• As a member of the Level1 Technology Risk Management team, you will be responsible for driving IT risk management initiatives including risk governance, regulatory inspections, internal & external audits and thematic reviews across the functions.

Job Duties & Responsibilities:

Audit

• Accountable for managing internal, external and regulatory reviews/audits from audit planning, fieldwork (such as request for information (RFI), issue discussion, etc.), to reporting and closing meeting. 

• Assess regulatory changes (such as MAS, HKMA, CBIRC, OJK, RBI and FSC) impacting the technology platforms & drive risk mitigation programs with stakeholders. 

• Review risk findings with stakeholders to determine management actions and responsible for monitoring and validating the closure of management actions.

• Present risk observations and management actions at departmental meetings.

Risk Control

• Engage and collaborate with technology stakeholders to proactively identify risks at a detailed technical level and determine remediation plans.

• Drive remediation activities to ensure that risks identified are properly and effectively mitigated to continuously improve IT risk posture.

• Manage the department’s risk and security related process improvements and quality programs (e.g. RCSA) by participating in research/advisory services, including capturing of relevant metrics and analysis.

• Perform data analysis or procedure reviews to ensure compliance to bank security standards; Provide technical expertise/consultation for process improvement and quality assurance.

• Provide timely and periodic update to management on risk and security matters.

• Communicate and provide guidance of new risk policies and standards.

Required Experience:

• Demonstrated experience in Identifying, assessing and advising on technology risks.

• Excellent organizational, problem solving, interpersonal and operating skills to effectively drive the IT Risk agenda with IT functions.

• Strong communication skills at all levels -- able to effectively communicate with IT and senior management, as well as line staff to drive IT risk mitigation initiatives and other IT risk management related areas.

• Experience to driving IT risk management in digital age a plus.

• Knowledge of Information Security, System Resiliency & Availability & Software development practices and frameworks and regulatory requirements preferred.

• Good technical competencies and exposure to IT application or infrastructure development, support and management.

• Demonstrated experience of leveraging data and analytics to get stakeholder buy-in is a plus.

• Professional Certification preferred – CISA/CISM/CISSP/CRISC/CBCP.

Other Requirements:

• Degree in Computer Science, Engineering, Information Technology or related discipline from a recognized University with minimum 5 years of working experience in the Financial / Banking IT industry.

• CISA/CISM certified professional will be preferred.

• Hands-on experience in IT audit, operational risk management and control self-assessment.

• Familiar with Applications Delivery Life Cycle, Project Management best practices and IT Controls across different operating system and platforms with hands on experience on Public Cloud controls is an added advantage.

• Good knowledge of application user access and access matrices will be preferred.

• Good understanding of security issues, operational risks and process improvement in the areas of technology and business.

• Knowledge of the Banking Act – Banking Secrecy, Bank's policy and guidelines, Information Security Policy, Anti-Money Laundering, Cyber Security Act, MAS Technology Risk Management Guidelines, MAS Outsourcing Guidelines etc.

• Have a strong control and process management mindset, constantly paying attention to details and have ability to perform deep-dive investigation and crunching for control and process issues.

• Proactive team player with ability to work independently with minimal supervision and equips with excellent communication (both spoken and written), presentation and business writing skills.

• Able to collaborate within a team, at various levels of stakeholders from the operating level to the senior management across locations.

• Flexibility and ability to multi-task and take on different types of roles and activities at the same time in a fast-paced environment. Able to effectively manage time and prioritize tasks and responsibilities.

• Positive attitude and willing to take new challenges with an open-mind.

• Creative, quick & systemic thinking with strong analytical and planning skill.

• Self-organized, self-motivated and quicker learner.

Job Requirements