CIMB Bank Vietnam
The job holder will be part of the Risk Management department in the Second Line of Defense, in accordance with the Enterprise Wide Risk Management framework. Under the guidance of the Head of Risk, the job holder has 2 responsibilities as follows:
Primary:
The primary role of the job holder is to effectively manage Technology risks in the second line of defense. The Manager shall oversee all Technology related rules, regulations, issuances, and standards and ensure that CIMB Bank Vietnam is compliant. The incumbent shall assess and manage threats/risk, including Information Security and Data Privacy on the bank’s existing and new Electronic Payments and Financial Services/Products and the platforms used.
The incumbent shall work closely with the related business units (especially the IT and Digital Development team) and local regulators where applicable as part of the incumbent’s accountability to assist the Head of Risk in managing CIMB Bank Vietnam’s Technology and Information Security risk.
Secondary:
The secondary role is to manage parts of Non-Financial Risk such as Business Continuity Management and Sustainability under the guidance of the Head of Risk.
Key Responsibilities
The Key Responsibilities of the Technology Risk Head are as follows:
1. Provide sound direction, guidance, advice, and consultation to business units concerning Technology and Information Security risk.
2. Develop policies, procedures, or guidelines to ensure the security and privacy of information and computer systems.
3. Review risk assessments undertaken by the First Line of Defense to adhere to the company’s risk controls over Third-Party Service Providers and Partners, including IT due diligence, data privacy, and cyber resiliency.
4. Provide advisories in IT projects to implement baseline security requirements for networks, operating systems, databases, and other IT appliances that support banking systems.
5. Review compliance assessments undertaken by the First Line of Defense over Information Security to evaluate the adequacy and effectiveness of the overall information security control posture and data privacy.
6. Research the latest threats and vulnerabilities and, where appropriate, advise the Technology team on mitigation and remediation.
7. Review the outcome of penetration tests and vulnerability assessments on information systems and infrastructure that are performed by the First Line of Defense.
8. Participate as an advisor in investigating any security violations by providing post-mortem analysis to illuminate the issues and possible solutions.
9. Facilitate Information Security Awareness for new and existing employees and consultants regularly.
10. Ensure compliance with internal and regulatory requirements.
11. Provide updates to the governance committee on policy-related matters, risks, and areas of concern as identified from time to time.
Relevant degree or equivalent from a recognized University.
English
Speaking: Intermediate - Reading: Intermediate - Writing: Intermediate
With a retail network of approximately 1,000 branches across the region, and a staff force of 40,000 employees across 17 countries. Offering a wide range of products and services from Consumer Banking, Wholesale Banking, Investment Banking, Islamic Banking to Asset Management.
ITJobs was founded in 2014 in Vietnam, and its primary goal is to grow into one of the leading specialists in recruitment and selection of IT staff in Asia.