Back to Job Search

IT Risk Senior Manager

  • Location: Bangkok
  • Salary: attractive per annum
  • Job Type:Permanent

Posted about 1 year ago

Argyll Scott is helping the client looking for Lead and Implement Thailand technology risk management framework and process

Key Responsibilities;

  • Lead and Implement Thailand technology risk management framework and process
  • Working with local country 1st line technology risk owners to oversight the technology risks through regular critical control assessment, IT risk KRI reporting, and local IT risk register management
  • Tracking of IT risk related issues and action plan to close in time and escalation to local management and regional where applicable. The IT Risk related issues and action plan include those in IT
  • Risk register or from internal/external audit, or regulatory inspection findings.
  • Support the compliance on technology risk management framework and compliance with group information security policy. Support the user security awareness education programme, and relevant IT/security
  • Provide guidance on IT security processes, controls and compliance, and technology risk management
  • Ensure that assessment and implementation are done within group policies and with security controls
  • Ensure local country compliancy to the group information security policy through yearly self attestation, ongoing management of the security standard dispensation, advisory on information security policy and standard, and managing the information security awareness program with support from regional team of Group IT Security
  • Work together with Regional information security teams and Group Information Security team to ensure alignment of local country security controls with regional and group policy/standard/guideline
  • Security risk analysis and assessment on new technology/application/IT service (including cloud SaaS/PaaS), as well as new project/integration/migration security
  • Security risk analysis and assessment on Desktop software/tools installation request
  • Manage local country third party security risk through new vendor 3rd party security due diligent and ongoing critical vendor security due diligent
  • Be the subject matter expert for local country regulatory requirement on Technology Risk
  • Management (TRM), Cyber Security, and ensure local country compliance to local regulatory requirement, through ongoing regulatory circular review, and yearly self-assessment

Key Qualifications;

  • 7-12 years working experiences in information security and/or IT Risk areas, preferably within financial or asset management institution, or from consulting firm
  • Knowledge and experience in Technology Risk Management and Information Security from a financial institution
  • Technical and able to get into details in working with multiple IT stakeholders
  • Being able to be individual contributor, as well as a good team player
  • Can effectively navigate through a complex environment undergoing change and get things done
  • Ability to deliver work within tight timescales, to budget and to a high quality
  • Either one or more of below IT security certificates CISSP, CISA, CISM, CCSP

Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.