大手証券会社でのWholesale IT Risk and Controlの求人

Wholesale (WS) Ops and IT Risk and Control function is responsible for defining a sustainable governance framewrok to ensure controls are “fit for purpose”, operating as designed and are adatopable to challenges brought in by external events and regulatory changs. The team thus looks to facilitate in identification of the firm’s risks by ensuring adequate controls are in place within WS CIO functions. The team also aim to advises supports Wholesale CIO management on risk and control practices. We are currently looking for risk mangaement professionals with prior experience in the IT risk management space with particular focus in Global Markets IT.

●Responsibilities:
・Provide Wholesale CIO management with full picutre of key risks and of the status of the control framework
・Challenge 1 LOD controls and remedation actions plans to ensure they are effective
・Oversee KRI breaks and exceptions periodically to access impact.
・Oversee and support the Risk and control Self assessment (RCSA) process for GM IT,ensuring appropriate challenge being provided to preserve the purpose of the framework
・Partner with Group Technology to engage in discussions concerning the control framework with Internal / External Auditors; cooperate in completion of such audits as well as SOX Audits
・Conduct deep dive analysis on key incidents, events
・Provide training to support enforcing risk culture within the ORM Framework
・Support WS CIO management on global IT policies & standards buildout and reviews, and monitor compliance
・Improve overall IT Risk & Control awareness of IT staffs
・Monitor technology projects for adherence to governance policies and processes
・Develop technology MIS reporting (e.g. KRI, operational KPI, Control Dashboard)
・Coordinate global / regional technology control improvement programs

●Requirements：
・Graduate Degree, Information Technology degree or relevant qualification preferred
・Minimum 5 -7 years of relevant IT Risk & Control experience within Investment Banking or related environment
・CISA, CISM, CRISC, CISSP, or other IT governance, risk, or audit or security professional qualification
・Fluent English with Asian Language a plus (not mandatory)
・Excel (Macro), Business Objects Reporting, Visio, Power Point, Power BI, GRC tools, ServiceNow
・Strong communication skills with strong adaptability and attention to details
・Able to think laterally and is comforable with negotiating, possess an ability to seek buy in from key stakeholders.
・Possess Strong analytical skills and an ability to quickly learn new products and systems, need to be able to thrive in a constantly changing enviorment.

●Essential Skillsets/Experiences：
・Experience in design and supporting IT Governance, IT General Control, IT Security, Audit or Technology compliance framework.
・Experience in external statuary audit and regulatory assessment facilitation including inspections.
・Understanding Investment Bank, Global Markets and Wealth Management technology front to back operations
・Experience in Technology Incident, Problem, Release and Change Management process preferably using ITIL model
・Experience in Agile SDLC and Cloud Governane
・Experience in technology risk assessment and third party vendor assessment