Asia Information Security Risk Manager

**Mission**:
The Asia Risk & Compliance department is responsible for supporting Pictet’s senior management manage the risks faced by Pictet.

The Asia Information Security Risk Manager role will be responsible for the oversight of technology, cyber and information security risks for the Bank across the respective business lines (including Private Wealth Management, Pictet Trading & Sales, Pictet Alternative Assets, Pictet Asset Services) across the Singapore (BPCAL) and Hong Kong (BPSA HK) banking entities. You will be part of the second line of defence.

This role will report to the Chief Risk Officer, Asia and functionally to the Group CISO.

lease insert the text for the job ad to be then published internally/externally

**Your role**:

- Work with CRO Asia in setting the overall strategic direction of Pictet Asia’s security governance efforts in compliance with local regulatory requirements and Pictet Group’s information security program.
- Serve as the Information Security Subject Matter Expert (SME) and support the CRO in oversee technology, cyber and information security risks for Asia.
- Advise legal entity management on information security risk issues and recommend actions in support of the bank’s wider risk management program.
- Monitor information security trends, both internal and external and recommending suitable risk mitigation strategy.
- Participate in relevant risk management governance forums including the APAC Risk & Compliance Committee as well as run the Asia Technology Risk meeting.
- Support IT and business stakeholders in the oversight of information security activities that may be outsourced.
- Analyse the impact of new technologies, information security laws and regulations, and working with stakeholders as part of any needed changes.
- Monitor and challenge Technology Resilience, Cyber and information security incidents and key risk indicators, support any needed triage and monitoring of remedial efforts.
- Perform periodic testing of local information security key controls in accordance to Pictet’s control testing standards.
- Assess the robustness of IT, Cyber and information security risks and controls and drive any required actions by the risk owners.
- Develop and deliver information security risk training to internal stakeholders.

**Your profile**:

- University Degree in Information Security, IT or equivalent, Master's degree in information security related domains.
- At least 8 to 10 years’ experience in a similar position in the banking industry or in a consultancy firm (e.g. big four).
- Professional information security certification such as CISSP, CISM, CRISC would be a plus.
- Strong working knowledge of MAS & HKMA Technology Risk and Information Security risk related standards.
- Proactive with a can-do spirit with a strong sense of accountability in getting the mission accomplished.
- Strong influencing skills and comfortable working with different stakeholders, both locally and at Group level.
- Strong communication skills and the ability to provide clarity and focus on projects while working with both technical groups as well as senior/executive management.
- You have a high level of personal integrity, ability to professionally handle confidential matters
- You have strong verbal and written communication skills in English. Chinese (Mandarin, Cantonese) a plus.
- Resilient and able to work under pressure.

**Note**:
We will not accept any CVs via agencies

**Diversity & Inclusion**:
**_
Pictet is an equal opportunity employer and is committed to creating a diverse environment. We respect all individuals and seek their inclusion in the workplace._