Manager for Technology and Operational Risk

Job Purpose

Under the Risk Management Department, reporting to the Head of Technology and Operational Risk (T&O), the position sits in the 2nd line of defense and is primarily responsible for the hands-on management of the T&O Framework, Business Continuity Management program for the Bank. The role will manage/liaise a team of technology and operational risk professionals.

Job Responsibilities

• Facilitate Senior Management and Business oversight, awareness, accountability and engagement on T&O risks

• Execute and manage the T&O risk framework to ensure the related risks are identified, measured, monitored and controlled, including new and emerging top risks

• Review and challenge T&O processes and controls

• Function as T&O risk point of contact across all three lines of defense including but not limited to CIO, COO, CCO, Internal and External Auditors

• Provide expertise on T&O risk related regulatory requirements

• Providing training and awareness session to staff regarding T&O risks

• Drive IT and Op Risk governance and resolution through collaboration with IT and business teams

• Lead and coordinate the business continuity program across the banks

• Lead and coordinate the Risk & Self control assessment (RCA) program across the banks

Job Requirements

• Possess solid IT & General auditor experience, IT risk and Operational Risk management or auditee experience as management level within bank or other financial institutions

• With at least 6 years of relevant experience in T&O Risk, Audit or Cybersecurity within financial institutions

• Excellent ability to influence without direct management authority to drive deliverables

• Excellent communication skills and interpersonal skills to a wide range of individuals and groups and at different levels of seniority

• Innovative and able to assess needs and propose solutions

• Strong communication in written and speaking English and Mandarin

• Strong time management skills

• Self-starter who has experience in dealing with varieties of cultures

• Open personality with effective communication skills

• Degree in information system, computer science, information security, computer engineering or risk management qualifications desirable

• Certifications CISA, CISSP, CIA, CRISC or ITIL desirable