Head, GT-TSS Risk & Control Assurance MY
Head, GT-TSS Risk & Control Assurance MY
CIMB
CIMB Group is the leading ASEAN Universal Bank and home for all your personal and business financial needs. Know more about our group here.
Job Purpose
To manage the GT-TSS Risk & Control Assurance to execute the Bank’s ORM Framework/Policy as well as Compliance Policies in line with the IT Policies and Procedures. This includes building, facilitating, and driving execution of the Framework/Policy by the first line of defense across Group Technology to achieve sound risk management practices and reporting. To deliver planned changes to the Framework/Policy as required, ensure senior stakeholders engage with the change, and new policies are embedded in the first line of defense. To ensure accurate and timely submission of Technology Governance, Risk & Compliance reporting.
The role includes driving a program of awareness throughout the division ensuring that staff are aware of and use the ORM framework/policy and tools, and inculcate a risk-aware community across CIMB Group Technology. The job includes managing and coordinating a team of RC Specialists (Risk Control Specialists) and DCOROs (Designated Compliance & Operational Risk Officers) and Control Environment Testing (CET) testers that are embedded within the various departments within Group Technology to ensure a coordinated and aligned Risk and compliance program across GT to ensure IT risks are effectively managed across the division.
The incumbent has to be a specialist who implements strategies and techniques to minimize a company's losses in the fields of risk and controls.
Key Responsibilities
Manage and work closely with a team of RCS (Risk Control Specialist) via direct report & DCORO (Designated Compliance & Risk Officers) via dual functional reporting to effectively carry out the duties of maintaining an effective Risk & Control Assurance program within Group Technology. This includes:
- Drive strong Operational Risk Management practices
1. Managing compliance with IT Governance related legislation, regulatory policies, procedures, and standards.
2. Review and update the operating procedures and work instruction to ensure that the documentation matches the current process being performed.
3. Identify areas of IT risk and ensure proper controls are in place across Group Technology using various ORM methodologies and tools. - Promote and maintain regulatory compliance
1. Build and execute the compliance risk framework within the Division/Department in a robust manner to achieve sound compliance risk management practices and reporting.
2. Support and lead the Division/Department in relation to proactive identification and management of compliance risk. - Champion the Risk Culture
1. Coordinate and manage training of IT staff in the areas of risk management and regulatory compliance to improve overall understanding and effectiveness of IT risks programs within Group Technology.
2. Assess RCO & DCORO gaps in skillsets continuously to meet the evolving risk and regulatory landscape.
Job Specification
Qualifications:
(Basic Degree/Diploma etc) A Bachelor’s Degree in Information Technology, Computer Science or equivalent.
Professional Qualification and/or Regulatory, Licensing requirements: It will be a huge advantage if you have professional qualifications such as:
- CISA
- CRISC
- CISM
- CISSP
- CSX
Relevant Work Experience
• Extensive experience in large-scale environments including skills and in-depth understanding of IT and business applications and systems.
• Extensive risk management and governance experience (minimum 10 years) including definition and implementation of IT and IT risk management related policies and procedures.
• Good knowledge of banking practices and products and awareness of BNM policies/guidelines and other regulatory frameworks.
• Excellent communication and technical writing skills in English.
• Strong analytical and dispute resolution skills. Ability to make independent decisions with strong leadership skills.
Any other responsibilities/tasks as assigned by the Management from time to time.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
