• 120000
  • Singapore
  • Permanent, Full time
  • LMA Recruitment
  • 21 Feb 19

Security Compliance

This position is a Line 2 function, reporting to the Regional Information Security Officer. The role covers the governance and management of cyber risks and compliance with cybersecurity regulations. It involves regular reporting to senior management stakeholders on the delivery of the information security program.

Key Responsibilities

The candidate will be responsible for 3 areas, namely:

  1. Security Risk Assessment
  • Drive the security risk identification and assessment exercises with the line of business technology units on a regular basis
  • Review risk submission to verify the validity of the risk assessment
  • Review and track the security risk mitigation plan, and escalate delays in the implementation plan
  • Regular reporting to various risk and management committees to update the progress and status of outstanding security issues and remediation

 

  2. Regulatory Compliance
    • Build effective relationships with the stakeholders in the region and support their security regulatory compliance effort, such as regulatory reporting, onsite audits and regulatory enquiries, with regard to the Bank’s security risk governance, management and operations
    • Support the function in the oversight of the subsidiaries and representative offices and ensure that the regional policies and standards are aligned with Group, and are in compliance with the local regulations
    • Perform regular self-assessment of the security policies and standards to assess the Bank’s compliance with the legislative and regulatory security requirements
    • Keep up to date on regulatory changes, assess the impact on the Bank and advise the management on material developments
    • Develop and maintain security-related policies and standards to meet our security compliance and risk management obligations under the applicable regulations
    • Develop training material to educate relevant stakeholders on changes in law or regulations or the adoption of new legislation and regulations

 

  3. Management Reporting
  • Develop contextual security dashboards to provide respective management committees with the relevant security metrics
  • Provide regular security metric reporting to key stakeholders within the Bank including the Technology and Business management teams in Singapore and around the region
  • Provide regular updates to the management committees on the implementation and delivery of information security programs

Requirements

  • Education and experience in technology and information security
  • A sound grasp of the regional information and cyber security regulatory environment as it applies to the banking and financial services sector
  • Good verbal and written communication and presentation skills
  • Attention to detail, meticulous and organized
  • Mission-oriented