VP/AVP, Tech Risk Manager -Technology Risk Controls & Assurance, Technology and Operations
DBS Bank Ltd
jobsDB ref: JSG400003003035401
Employer Ref. 160001US
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and inspire to delight our business partners through our multiple banking delivery channels.
The Technology Risk, Controls and Assurance (TRCA) function supports the technology functions in DBS Group to ensure that IT risks and control deficiencies are identified and suitable remediation is implemented as appropriate. The Technology Risk Controls and Assurance Manager is a technical IT risk and security subject matter expert, and reports to the Head of Technology Risk Controls and Assurance. The individual will be responsible for assessing the risk and compliance state of key controls for critical applications and programs and serve as an in-unit control function. TRCA is a unit within the Group Technology Services (TS), that oversees and manages the Group’s technology infrastructure across multiple locations and owns the key IT service management processes.
To ensure that all operational and emerging risks are mitigated and adequate controls are implemented. The incumbent will also play an active role working with the operations team to embed controls in their processes and operation activities. This includes cross-discipline exposure to virtualization/cloud, automating our processes, platform, storage, network, desktops, servers, security, etc., across operations in all markets that DBS has IT infrastructure, and at our outsourced service providers.
- Demonstrate good understanding of the security, risks and controls of cross-discipline technology environment in a financial institution.
- Execute and complete all technology risk and control assessments, as well as engaging infrastructure teams; with the objectives of identifying risks, security, controls and operational lapses.
- Maintain key relationships with technology organisation and vendors, to highlight potential risk and control issues to T&O management and work collaboratively to develop solutions to address risks and control issues.
- Keep abreast of own professional development to enhance one’s skills and competence.
- Involve and complete the review of IT processes, controls and mitigation plans, both internally and at our outsourced service providers (OSP).
- Advise and promptly apprise key stakeholders or process owners of all key IT risk, control or regulatory issues arising during the assessments.
- Update and maintain documentation of assessments.
- Test and follow up on control issues for proper implementation, at the same time, develop a mechanism/solution to ensure the issue is also adequately addressed across function and locations.
- Collaborate with security architecture and engineers, infrastructure and applications teams and vendors to identify innovative security as well as controls and actively apply these solutions to advance DBS Group security and controls posture in our internal processes and outsourced vendor operations.
- Review operations within OSP’s environment in line with global IS security standards, guidelines, and procedures for ensuring high levels of integrity, confidentiality, and availability of all IT resources.
- Identify security operations gaps, vulnerabilities, associated risks and mitigation strategies in our internal and outsourced vendor environment
- Liaise with auditors and regulators.
- Min 3 - 10 yrs of working experience
- Relevant university degree in Information Technology or Computer Science
- Good interpersonal and communication skills - spoken and written
- Good planning and other project management skills, including strong organisation skills
- Must be solutions oriented; ability to work with all levels of management and staff
- Self-starter, performance-oriented individuals preferred
- IT professional with good understanding of technology platform and solutions;
- Familiar with technical security solutions surrounding various technologies such as but not limited to: IDS, IPS, firewall management, anti-virus, content filtering, secure email solutions, network sniffing, log management & analysis, forensics, VPN, load balancing, routing, switching and network management
- Experience in outsourced vendor management.
- Good understanding of overall technology processes, security, risks and controls.
- Experienced IS security professional with experience and exposure to DevOps, open source development and cloud technologies (preferred)
- Prior experience in either banking, IT risk management, security-related or IT audit (preferred)
Professional memberships and security certifications would be considered favourably (e.g., CISA, CISSP, CISM, CCSP, etc.)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)
We offer a competitive salary and benefits package and the professional advantages of a dynamic environment that supports your development and recognises your achievements.
About DBS Bank Ltd
DBS is a leading financial services group in Asia, with over 280 branches across 18 markets. Headquartered and listed in Singapore, DBS has a growing presence in the three key Asian axes of growth: Greater China, Southeast Asia and South Asia. The bank's capital position, as well as "AA-" and "Aa1" credit ratings, is among the highest in Asia-Pacific. DBS has been recognised for its leadership in the region, having been named “Asia’s Best Bank” by The Banker, a member of the Financial Times group, and “Best Bank in Asia-Pacific” by Global Finance. The bank has also been named “Safest Bank in Asia” by Global Finance for seven consecutive years from 2009 to 2015.
More Jobs from this employer
AVP / Senior Associate, Enterprise Metrics Analyst, Investment & Trdg Tech, Technology and Operations
VP / AVP, Solution Architect (Core & Consumer Credit Applications), Core Systems Technology, Technology and Operations