Risk Manager

  • 144k
  • Kuala Lumpur, Malaysia
  • Permanent, Full time
  • Standard Chartered Global Business Services Sdn Bhd
  • 24 Jun 17

Risk Manager will be technology risk specialists who support the design, execution, and overall governance of our technology risk and control programs. The candidate would have held system administrator roles for Windows / Unix / Virtualisation in the past 5 years Specifically this role will act as the risk SME (Individual Contributor) for platforms infrastructure and serve as a key member of the Platforms Technology Risk and Control team, supporting a range of initiatives to enhance the control design and implementation across platforms commissioning, maintenance, change and release management, Access Management, and ongoing production support.

Key Responsibilities
- Design and Implement assessment programs to monitor the Technology Risk posture for the Platforms Infrastructure business; embedding governance and oversight to provide management with transparency over what these risks are and how they can be managed.
- Design, Implement relevant Technology Risk and Control activities (e.g., assessments, control testing, monitoring, reporting, and targeted remediation activities) (KRI, KCI, CST etc) as well as ensuring consistency in execution.
- Develop and maintain strong business and technology relationships to become a trusted partner, as well as building relationships with Corporate functions such as Audit, Group Operations Risk and Global Technology Infrastructure for end-to-end risk and control management.
- Design, participate in, or provide SME support for programs to improve or remediate the technology control environment across Platforms Infrastructure
- Implement effective and efficient controls to minimise / mitigate operational impact – includes risk and controls – identification/ design, testing, reporting and monitoring
- Ensure proper management of risk and timely resolution of issues (Internal, audit, external etc)
- Promote understanding, practice and culture of Operational Risk within the Domain(s).
- Represent the Domain(s) as the Single Point of Contact (SPoC) on internal and external audits and Subject Matter Expert (SME) on the audit working practices
- Support delivery of all risk forums within the Domain(s) operates within the approved Terms of Reference (ToR), including membership, agenda, and frequency.etc.

Key Relationships
- Platforms infrastructure management, peer ORMs, Audits
Key Measurables
- Effectiveness of the controls and monitoring of operational risks and controls at the Domain(s)al level
- Satisfactory results on audits undertaken by Group Internal Audit, regulators or external audit
- Cross team collaboration and leadership skills – proactive engagement with stakeholders

Experience and Skills

• CRISC / CISA / CISSP / COBIT certification
• System administrator – Windows / Unix / Virtualisation (sometime during the career)
• Technology Risk and Control experience within Financial Services industry.
• Proven Risk Management track record and hands on Controls Assurance work in Technology and other operations risk domains.
• Knowledge of controls assurance and determining control criticality.
• Ability to make judgments in relation to any aspect of the control environment. This includes both technical and operational controls.
• In depth knowledge of Technology operations and the financial services industry in general
• Proven experience in making presentations to stakeholders and management.
• Excellent verbal and written communication capabilities with the ability to interact at all levels of the organisation

• Degree qualified (or equivalent) and/or High Performance track record throughout career.
• Technical certifications in  Microsoft, Redhat or Virtualisation
• Experience in implementing ITIL or COBIT