Apply Now

AVP, Technology Risk Management

Singapore , Singapore | Great Eastern Singapore

  • Industry:
    Financial Services
  • Position Type:
  • Functions:
    Risk Management
  • Experience:
    7-10 years
Job Description:
58 people have viewed this job

You will manage the technology, information, and cyber risks for Great Eastern Group by assessing, controlling, and monitoring the risks across the group and its sCompanyidiaries, testing the risk controls, and verifying the controls effectiveness.

The Job

Develop and maintain threat Organizationelling methodology for assessing risks;

Establish and update the enterprise threat profile and risk posture;

Conduct threat-based risk assessments of technology and security implementation, changes, and incidents;

Advise the IT and business stakeholders on technology risk and security requirements;

Validate and verify technical controls on their fitness and effectiveness in reducing risks;

Plan and oversee controls testing such as social engineering and red-teaming exercises;

Articulate the business impact and business risk associated with the technology risks;

Develop and maintain technology and security risk metrics;

Measure and monitor key technology risks;

Manage the monitoring of email and web data loss;

Keep abreast of the latest in security controls, threat landscape and emerging technologies;

Take accountability in considering business and regulatory compliance risks and takes appropriate steps to mitigate the risks;

Maintain awareness of industry trends on regulatory compliance, emerging threats and appropriate steps to mitigate the risks; and

Highlight any potential concerns/risks and proactively shares best risk management practices.


Our Requirements

Degree/Diploma in IT, IS, or Computing and/or relevant domains;

At least 7 years of relevant experience in technology risk management for IT infrastructure and service management, and application development;

Experience or working knowledge in security and IT service management;

Experience or working knowledge in security and IT infrastructure technologies;

Experience or working knowledge in risk monitoring and reporting;

Experience or working knowledge in controls testing such as social engineering exercises and red-teaming;

Knowledge in threat Organizationelling;

Knowledge in industry security practices, frameworks and standards such as ISO27001/2, NIST Cybersecurity Framework, etc.;

Knowledge in data loss monitoring;

Analytical and able to identify systemic risk from risk indicators;

Confident in challenging the stakeholders regarding state of controls;

Adaptable, in a fast-paced, dynamic work environment;

Demonstrated strong leadership skills;

Able to lead and collaborate team effectively;

Strong communication and interpersonal skills. Must work well in a team;

High level of integrity, takes accountability of work and good attitude over teamwork; and

Take initiative to improve current state of things and adaptable to embrace new changes.

Other companies hiring with Ivy Exec

 Company Logos