- Develop and implement risk assessment methodologies, processes and procedures.
- Assist and supervise risk assessments on application and infrastructure systems to identify and address risk areas and non-compliance with technology information security standards and regulatory requirements.
- Manage cyber threat alerts and advisories from regulators and other relevant sources to ensure prompt dissemination and follow-up.
- Manage vulnerability assessment, penetration testing and secure code reviews to ensure identified vulnerabilities are assessed appropriately. Ensure that the necessary mitigation and remediation measures are in place to address the risks.
- Proven experience in driving GRC initiatives, ideally within financial services/financial markets
- Excellent understanding of the NIST framework, ISO 27001, PCI DSS
- Familiarity with regulatory requirements and industry guidelines (MAS TRMG, PCI DSS, ABS, BNM, CBRC, PBOC, HKMA, etc.)
- Successfully implemented new cyber risk guidelines and governance