Argyll Scott is helping the client looking for Senior Information Risk Manager. This role will responsible for execute Information Risk Management practices and controls.
* Perform and validate Information and Vendor Risk Assessment, participate in due diligence on vendor selection process, identify potential risk and provide guidance of risk mitigation and acceptance process
* Assist on formulation of IRM Plan and solutions with various business units in order to ensure that the IRM development and implementation are effective, and in comply with the country and Asia divisional strategies and local regulations
* Assist to establish country local risk profiles and appetites, report country IRM risk and performance, the posture and exposures, maintain up to date with IRM metric system
* Coordinate country local security activities, including but not limited to application security scanning and penetration test, logical access regular assessment, information risk awareness and readiness for the Business Units
* Participates in country governance support the implementation of IRM program objectives, collaborate with Country Information service for IRM project delivery assurance
* Understanding of local technology risk regulatory requirements, provides guidance, participate and directly engage in local country regulators' reviews and exams, ensure compliance with the requirements including framework, guidelines & policies for IRM and IT, maintain of local IT regulatory matrix.
* Liaise with internal, external auditors, and regulatory agencies on risk and compliance reviews and exams. Guidance on IT audit planning and scope align with IT control objectives, oversee country audit issues addressed in a timely manner
* Incident management, responsible for establishing communication, response & handling in the event of local information risk and incident
* University graduate with minimum 4 years solid experience in Information Risk and Security Management gained in financial industry
* Experience in information risk, audit and compliance
* Experience in regulatory engagement
* Holder of Professional Certificate CISSP, CISA and or CISM. CBCP would be assets
* Proficient in English, spoken and written
* High integrity and professional work practice
* Appreciation of peoples and cultures of different countries
* Good analytical, teamwork capability and able to work independently
* Good interpersonal communication, management and presentation skills
* Incident and Problem Management
Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.