Job Purpose
Under the Risk Management Department, reporting to the Head of Technology and Operational Risk (T&O), the position sits in the 2nd line of defense and is primarily responsible for the hands-on management of the T&O Framework and the Business Continuity Management program for the Bank. The role will manage/liaise with a team of technology and operational risk professionals.
Job Responsibilities
- Facilitate Senior Management and Business oversight, awareness, accountability and engagement on T&O risks
- Execute and manage the T&O risk framework to ensure the related risks are identified, measured, monitored and controlled, including new and emerging top risks
- Review and challenge T&O processes and controls
- Function as T&O risk point of contact across all three lines of defense including but not limited to CIO, COO, CCO, Internal and External Auditors
- Provide expertise on T&O risk related regulatory requirements
- Provide training and awareness sessions to staff regarding T&O risks
- Drive IT and Op Risk governance and resolution through collaboration with IT and business teams
- Lead and coordinate the business continuity program across the banks
- Lead and coordinate the Risk & Self control assessment (RCA) program across the banks
Job Requirements
- Possess solid IT & General auditor experience, IT risk and Operational Risk management or auditee experience at management level within a bank or other financial institutions
- At least 8 years of relevant experience in T&O Risk, Audit or Cybersecurity within financial institutions
- Excellent ability to influence without direct management authority to drive deliverables
- Excellent communication and interpersonal skills with a wide range of individuals and groups at different levels of seniority
- Innovative and able to assess needs and propose solutions
- Strong written and spoken communication in English and Mandarin
- Strong time management skills
- Self-starter who has experience in dealing with a variety of cultures
- Open personality with effective communication skills
- Degree in information systems, computer science, information security, computer engineering or risk management qualifications desirable
- Certifications CISA, CISSP, CIA, CRISC or ITIL desirable