The individual holding this role must be capable of delivering key Information & Cyber Security and Data Privacy risk management initiatives as the first line of defence for RB.
The Role Responsibilities
Information & Cyber Security & Data Privacy Risk Management
- Use risk management principles to ensure the confidentiality, integrity and availability of information assets and information systems are safeguarded in accordance with the bank’s operating model and risk appetite.
- Assist Management in coordinating, driving and directing effective regulatory compliance and ICS & DP risk management
- Identify, escalate and resolve risk issues regarding ICS and DP in a timely manner.
- Assist management in implementing robust processes and controls to meet all regulatory and internal policies and requirements regarding ICS & DP.
- Ensure proper functioning of day-to-day controls by designing and driving periodic assessment and monitoring activities regarding ICS & DP.
- Record results in relevant internal systems for any non-compliance noted from the execution of testing and/or collation of ICS & DP risk MI.
- Where applicable, support and provide subject matter expertise to the Responsible Persons (RPs) to ensure integrity, quality and completeness in the execution of any periodic assessment and monitoring activities regarding ICS and DP.
- Provide ICS & DP SME advice, training and guidance to key stakeholders
- Bridge Management in implementing ICS & DP risk & control strategies from Group / Regional level
Information & Cyber Security & Data Privacy Risk Governance
- Source of reference within the business unit in facilitating and promoting the understanding of ICS & DP and relevant governance framework
- Support the implementation of ICS & DP and relevant governance / framework initiatives and the roll out of any relevant target operating model
- Lead and represent the business unit in risk governance forums to manage risk issues
Our Ideal Candidate
- Strong risk sense and common sense
- Strong logic, reasoning and analytical skills
- Strong interpersonal skills with experience of building and maintaining effective relationships at a senior level
- Strong knowledge of cyber security frameworks and information security principles
- Experience of working within the ICS and/or Data Privacy risk field, including systems audit or internal risk & controls in the financial sector.
- Demonstrable track record of strong teamwork and delivery, within and across departmental teams
- Relevant core or professional level ICS qualifications would be a plus, e.g. CSX, GIAC GISP, GSEC, SSCP, ACsP, CPSA etc.
- Good presentation skills would be a plus
- Previous working experience in SCBHK would be a plus