Information Technology

Information Technology & Security Risk Specialist, Operational Risk - AVP Details of the Division and Team: An Information Technology & Security Risk Specialist to join the second line of defence (2LoD) Operational Risk Management (ORM) team in Singapore. This role reports to the Asia Pacific (APAC) Regional Head of Information Technology and Security Risk. Overview Should have a proven depth of knowledge and keen interest of Information Security and Technology and their application in large financial institutions. Working with other global and regional team members, the role will input subject matter expertise and drive innovative approaches in applying risk management in an evolving threat environment. The team has a global footprint in Frankfurt, Singapore, London, Mumbai, New York and Jacksonville. What we will offer you A healthy, engaged and well-supported workforce is better equipped to do their best work and, more importantly, enjoy their lives inside and outside the workplace. That’s why we are committed to providing an environment with your development and wellbeing at its center. You can expect Flexible benefits plan including virtual doctor consultation services Comprehensive leave benefits Gender Neutral Parental Leave Flexible working arrangements 25 days of annual paid leave, plus public holiday & Flexible Working Arrangement Your key responsibilities Provide data and analytics reporting to support the team in monitoring the Information Security and Technology Risk Appetite, breaches and remediation. Where required support the implementation of automated data and analytics reporting process. Support the team delivery of Operational Risk Management (ORM) priorities such as risk & control assessments, scenario analysis, risk appetite. Monitor and challenge 1LoD Risk and Control Self-Assessments (including results of 1LoD control testing/assurance). Perform 2LoD control assurance through targeted reviews of areas of concern. Gain an understanding and be able to articulate key Information Security and Technology regulatory requirements across APAC MEA and their impact and implementation into the Information Security and Technology Risk Framework. Your skills and experience Minimum 5 years’ experience in Information Technology or Information Security with experience in the financial industry and/or a major Technology or any Consultancy company. Proven experience and knowledge in Information Technology and Security industry regulatory standards and/or Risk Frameworks (e.g. EBA Guidelines, ISO 27000 Series, COBIT 2019, DORA)Bachelor’s degree in computer science, Information Technology, Business Administration or equivalent Relevant professional certifications e.g. CISSP, CISA, CISM, CRISC, CGEIT, CCSK, ITIL, ISO 27001 Lead Auditor or similar Technical understanding, training and experience of technology from either a support, development, business analysis or project management perspective Experience of technology coding e.g. python, java and understanding of IT controls: SDLC, managing technology obsolescence, disaster recovery etc Knowledge of Digital Transformation, Private and Public Cloud, AI tooling Prior experience of working in large global teams yet comfortable working independently without day-to-day oversight and steer. Proficient (Read, write, speak) in Mandarin on business level for engagement with Chinese regulators is required. Role is required to be performed on-site at One Raffles Quay office. Relevant vaccination requirements may apply How we’ll support you Flexible working to assist you balance your personal priorities Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs Training and development to help you excel in your career About us and our teams Deutsche