The incumbent of IT risk management is responsible for assisting department head to perform the IT risk management for the department, act as the IT liaison of audit requests and coordinate across the Bank to prepare solutions.
IT Risk Management
- Assist to conduct FLU IT risk management and be responsible for identifying, measuring, monitoring, managing and reporting the IT risks.
- Involve in performing quarterly in-scope risks (i.e. operational, strategic, compliance, reputation) and controls self-assessment, report results, develop and track remediation efforts, and coordinate risk-acceptance if needed.
- Periodically assess the key risk indicators that are required by other departments, report and escalate breaches as needed.
- Track policy exceptions, seek justification and approval for policy exceptions, and escalate limit breaches a needed.
- Perform IT Risk assessments on major business application implementation and critical business applications.
Regulatory and Audit Cooperation
- Fulfill request from regulators and auditors.
- Prepare presentations as needed during regulator visits.
- Coordinate action plans with the Bank, and coordinate efforts in addressing regulator and audit request and inquiries.
- Bachelor’s degree or above
- 3 years’ experience in risk management, general computer risks and controls knowledge of banking IT environments.
- IT Risk management, IT risk and control assessment methodology, information security, SSAE 18 SOC1, SP800-53 standards.
- Regulatory and compliance knowledge, financial banking industry knowledge.
- IT Auditor experience preferred.