This position will focus on technology Audit findings / Risk identification from internal and external audit engagement across the group. Drive the resolution of the risks across each affiliate and the centre.Key Responsibilities

• Track audit findings across the group and recommendations to ensure that appropriate mitigation actions are taken. Also, serve as a contact person for technology risks raised during BRCC, internal control, internal and external audits for group technology.
• Identify industry-accepted best practices / processes and provide guidance and assistance to each affiliates stakeholders to direct and implement information systems audit remediation activities.
• Serves as a Technology compliance risk officer responsible for establishing internal strategies, policies, procedures, processes, and programs to prevent violations of law, rule, or regulation and design and deliver a risk management framework that maintains risk levels within eProcess risk appetite and protects the franchise.
• Keeping abreast of regulatory changes, new regulations, and internal policy changes in order to further identify new key risk areas and quantify the ‘risk appetite’, i.e., the level of risk they are prepared to accept.
• Coordinate, track and report on all risks and issues, from initiation, through mitigation and issues response planning, communication, completion of risk/issue activity and closure.
• Coordinate technology risk related regulatory examinations and communication across each affiliate within the group, conduct reviews to identify possible risks and provide recommendations to address the control weakness, and monitor the implementation progress of the remedial action(s).
• Prepare regular management reports on technology risk status across all the affiliates within the group in an appropriate way for different audiences, for example, to the executive management in eProcess so they understand the most significant risks, to regional CIO’s and Business CIOs to ensure they are aware of risks relevant to their parts of the business and to individuals to understand their accountability for individual risks.
• Report all open risks in the official risk management repository platform (eCap). Performing analysis to understand the risk range and reach out to the risk owner at the affiliates and the centre.

JOB CONTEXTTechnology, audit, and risk issue management will focus mainly on technology risks identify through the various functional control unit such as the internal auditor, internal controls, external, and BRCC process. The accountable person will from inception take ownership of all the technology risk and engaged directly with the risk champion in each affiliate and at the center with the intent of quickly mitigating the risk without prolong the security posture of the organization.KEY SUCCESS FACTORS

• Complete mitigation of all identified technology risks.
• Ownership of all technology risk identified by internal control team.
• Ownership of all technology risk identified by internal and external auditor.
• Tracking and mitigating risk identify and reported by BRCC process.

ACCOUNTABILITY METRICSCompletely managed, mitigate, and remediate all technology risks.DELIVERABLES

• Ability to objectively analyse data and information to form a big-picture view of risk
• Ability to digest detailed information to determine trends and tendencies
• In-depth knowledge of their industry, including competitors and adversaries
• Ability to communicate effectively at an executive level
• Ability to be agile and react to changes in the business environment
• Organizational and leadership skills

Background/experienceSKILLS REQUIRED

• Education: – A University degree in Computer Science or related disciplines.
• Minimum of 2+ years IT experience
• This role requires a well-rounded ability to understand audit findings / Risk management leading towards closing them.

Specific job skills:

• Vast knowledge of information technology architecture and emerging technology. Knowledge of risk management, audit concept, and good communication.

Certificate & Training

• ITIL Certificate, Risk Management Certificate