IT Risk Officer

At Julius Baer, we celebrate and value the individual qualities you bring, enabling you to be impactful, to be entrepreneurial, to be empowered, and to create value beyond wealth. Let’s shape the future of wealth management together.

IT Risk Management is a regional function in Asia responsible for technology risk governance and management. This function works in close collaboration across IT to foster strong risk culture and awareness. Primary responsibilities include risk management activities with the aim to continuously strengthen IT operational /security posture and provide risk transparency to our management.

**YOUR CHALLENGE**:
**IT Risk Management**
- Perform periodic key IT controls mandated as part of the Bank's Risk and Control Management Framework and highlight exceptions for remediation
- Track, monitor and report on status of internal controls
- Support IT teams with external and internal audit fieldwork and tracking of IT related audit items
- Track audit remediation plans to ensure timely and proper closure of IT audit points
- Manage day to day IT Risk management activities in Asia including:

- Maintenance of the central risk register; supporting risk owners to develop risk mitigation/ remediation strategies
- Maintain oversight of risks mitigation / remediation plans of IT risk items
- Work closely with IT Project Managers to identify, mitigate and treat residual risks arising from projects
- Prepare risk reporting materials to be presented at IT Risk Management Forum and Operational Risk Committees
- Support the rollout of IT risk management strategy, framework and standard(s) in Asia
- Responsible for preparation of risk reporting to IT Risk Management Forum as well as Operational Risk Committees in Singapore and Hong Kong
- Perform regulatory (MAS and HKMA) and security related assessments, review technical control effectiveness, identify gaps and follow up on actions

**Client Management (internal & external)**
- Various IT functions, both regionally and globally
- Operational risk (CRO)
- Local Legal and Compliance functions

**Business Management**
- Key local stakeholders include IT Service Owners, IT Infrastructure, IT Application Managers, IT Architecture and Project Managers
- CRO functions - including Business Operational Risk, Information Security and Compliance functions
- Global functions - IT Risk Management, Information Security
- Establish strong relationship with key stakeholders

**Regulatory Responsibilities &/OR Risk Management**
- Ensure appropriate ethical and compliant behaviour within the area of responsibility by clear demonstration of appropriate values and behaviours including but not limited to standards on honesty and integrity, due care and diligence, fair dealing (treating customers fairly), management of conflicts of interest, competence and continuous development, adequate risk management, and compliance with applicable laws and regulations

**RANK**
- Associate Director

**YOUR PROFILE**:
**SKILLS REQUIREMENTS**

**Personal and Social**
- Good communication skills covering oral, written, presentation, facilitation
- Ability to work under stressful environment
- Independent and self-driven
- Strong relationship management and conflict resolution skills
- Good and clear communication

**Professional and Technical**
- 5 to 7 years of experience, in the areas of Information Technology, Risk Governance or Control, Security or Audit related functions
- Banking experience, preferably in Wealth Management. Sound understanding of various business functions
- Strong technical skills. Experience in IT delivery or implementation and having a good understanding system design is a plus
- Independent worker, team player
- Preferred certification: CISSP, CISA

**Regulatory**
- Familiar with l oc al r eg u l a t ory environment i n Si n g a po r e a n d H o ng Ko ng
- E x pe r ie n c e i n i nt e r a c t io n w i t h r eg u l a t o rs