- Category TechnologyFinancial Services
- Industry Wholesale Banking and Global Markets
- Function Cyber Security, IT Security and Risk
- Consultant Chen Yi Ooi
- License No 16S8060
- Registration No R1876389
- Job Ref No CY22473
- Salary S$100,000 - S$150,000
Kerry Consulting is currently partnering with a Global Bank in hiring for a Cyber Security Risk Manager, where you will be responsible to advise, implement and sustain the Cyber Security Risk framework to maximise risk reduction and capability improvement, while meeting compliance obligations and minimising client impact.
- Support the implementation of Cyber Security Risk framework including working with stakeholders to identify, assess and rate the information assets, build out the risk profile per the framework, initiate risk assessments and put together treatment plans.
- Use qualitative and quantitative data sources to validate key controls, accelerate risk assessment process, validate business risk profile and develop action plans to remediate and lower the risk appetite.
- Follow up on identified thematic cyber issues, develop processes to address issues from re-occurrence and ensure cyber hygiene across the whole portfolio
- Provide regular status updates including progress, top risks and issues to the respective business forums for the relevant domains.
- Interface with the Regional and Country business heads to assist with sharing of risk profiles, advising on cyber risk issues and addressing areas of concern.
- Interface with Technology forums to ensure security technologies are operating with input from business and be actively involved in the roadmap of these technologies by providing business input.
- Develop risk treatment plans for the assigned areas in conjunction with the business and technology teams. Interface with other areas to ensure dependencies are known and prioritised. Negotiate timelines to ensure proper remediation by maintaining support and organizational alignment.
- Adapt to emerging and horizon risks and address issues to maximize outcomes.
- Coordinate and plan for cyber crisis management exercises, build response and recovery capabilities, workarounds, ensuring that playbooks are updated.
- More than 7 years of relevant experience in Cyber Security risk identification, assessment and monitoring.
- Experience in implementing risk framework, with knowledge of NIST or ISO 27001 being an added advantage.
- Understanding and exposure to various regulatory requirements across the globe (e.g. PRA, FCA, MAS, HKMA, RBI, NESA etc.)
- Experience within information security or risk function within the financial industry.
If you are keen to apply or find out more about the role, please share across your updated CV or reach out to email@example.com for more details.