IT Risk Management Manager
Responsibilities:
Participate in the IT Risk and Control Self-Assessment (RCSA), IT Key Risk Indicators (KRIs) and Control Framework (CF)
Review and maintain IT Risk Management Policy, and 3rd Party Risk Management Policy with related Standards, Guidelines, and Operating Procedures
Provide IT Risk Advisory Service on IT projects to address current risks and supervise the proper controls to mitigate risk by complying with internal and external regulations and laws. Also prepare reporting for internal meetings, i.e. Committee, BOD.
Implement IT risk assessment and support IT and business units in conducting IT-related self-assessments, such as for IT projects, Cloud, DLP, Mobile Digital application projects, or related projects.
Measure process or control IT risk to inform business/product and program level IT risk assessment.
Provide recommendations to related teams on opportunities for risk mitigation based on established risk tolerance.
Build and maintain strong and positive working relationships and effective means of communication with other risk associates, including IT Risk Management, Operational Risk Management, Data Risk Management and so on.
Provide subject matter expertise on Info security of IT risk management framework.
Establish IT risk governance (based on Regulations), credibility and maintain strong working relationships with technical and non-technical teams involved with information security matters (Legal, Business, Product Fraud, Security, Networking, Systems, etc.)
Establish innovative metrics and regular reporting mechanisms for measurement of risk activity.
Monitor the new and/or updated IT / cybersecurity laws, regulations, and international standards and review the existing Information Risk Policy, and related minimum standards to identify gaps and propose the required action plans.
Be the coordinator and provide support to the Compliance and Internal Audit functions in the annual self-assessment programs and/or IT audits.
Be the coordinator and provide support to the regulators e.g., Bank of Thailand (BOT), Compliance team, and to the external auditors in the independent reviews.
Develop and execute communication and marketing strategies to promote a culture of risk management.
Drive continued operational and automation improvements to improve operational efficiency.
Support ad-hoc data analysis and other assignments.
Qualifications:
5+ years of IT Risk Management experience in banking, payment company or a related industry.
Bachelor’s degree in Information Technology, Computer Engineering, Management Information Systems, Computer Science or related field.
Knowledge and skills: IT Risk management, IT security standard, Mobile Security Testing Guide (MSTG), business risk analysis and making complex business/risk trade-off recommendations and decisions.
Good knowledge and understanding of regulations and international standards such as ISO27001, ISO31000, COBIT 5 for Risk, etc.
Certification such as Certified in Risk and Information System Control (CRISC), ISO27001 ISMS Lead Auditor IRCA, or ISO27001 ISMS Lead Implementer is an advantage.
Good consulting skills; can work under pressure or manage multiple assignments simultaneously to provide deliverables on time.
Experience developing and refining technical or mobile digital developer or business operational processes.
Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
Works effectively as an individual and part of a team.
Strategic thinker with the ability to see/understand the big picture.
Manager level; written and verbal English skills.
Leadership, teamwork and collaboration skills.
Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
Ability to solve problems and bring clarity to ambiguous situations.
Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.
Hybrid