Manager, IT Risk and Compliance

Great Eastern Life
Kuala Lumpur
MYR 60,000 - 100,000
2 days ago
Job description

Job Description - Manager, IT Risk and Compliance (240001OE)

Job Number: 240001OE

Discover the GREAT in your career.

As a LIFE company, our customers are at the heart of all that we do. Being one of Asia’s leading insurers for over a century, we have built a long-lasting legacy of trust with our customers over many generations. At the foundation of this trust is Integrity, Initiative, and Involvement – from the way we treat every customer relationship with honesty and transparency, to our proactive approach of delivering the best possible solutions in both life and general insurance.

Integrity, Initiative, and Involvement is what guides us. It is what makes us do the right thing, take the lead, and choose ‘we’ over ‘me’. Our mission is to make life great for our customers because we understand what matters most to them, and we know how to help them protect it.

If you are looking to grow in an exciting career filled with opportunities and potential, we are seeking a professional to join our team as Manager, IT Risk & Compliance. You will assume an integral role in IT Risk and Compliance for Great Eastern. You will be responsible for evaluating overall information technology risk, maintaining an active view, and reporting the residual risk to management. The role is also responsible for ensuring processes are in place to meet organizational and regulatory requirements.

The Role:

  • Implement an IT Compliance program to provide assurance on the compliance status in Group IT. The program will validate the key IT controls based on yearly prioritization and using an industry-accepted sampling methodology. The IT controls reviewed will consist of relevant processes, systems, reports, and metrics.
  • Monitor the state of IT compliance with regulatory requirements and internal policies, and report on compliance lapses.
  • Monitor changes in technology-related legislation and regulation that affect the Group IT's Technology Risk management and compliance, and develop a compliance program to address potential gaps.
  • Conduct ongoing Compliance Review activities on key IT processes and systems as per the plan and identify the gaps against standard requirements.
  • Provide timely reporting on compliance review activity to management and track all actions and risks arising from the review to closure.
  • Assist in consolidating the Compliance Event Reporting from Group IT to GRM and also local RM&C.
  • Assist in reviewing CRSA for regulations as per GRM and local RM&C’s schedule.
  • Assist in reporting compliance matters to Group IT management on a regular basis.
  • Assist in IT Audit engagements, monitor and track the audit progress and status of information submission, and escalate overdue responses accordingly.
  • Assist in root cause analysis for IT incidents, if required.
  • Educate staff on compliance requirements and provide awareness sessions on risk & compliance matters.
  • Assist the Department Risk Officer and Department Compliance Officer for GELM IT.
  • Assist in maintaining the department's Risk Control Self-Assessment (RCSA) and conduct control testing according to GRM & local RM&C requirements.
  • Assist in the review of Risk Assessment e.g. Project Risk Assessment, General Purpose Risk Assessment, IT Risk Acceptance, etc.
  • Take accountability in considering business and regulatory compliance risks and take appropriate steps to mitigate the risks.
  • Maintain awareness of industry trends on regulatory compliance, emerging threats and technologies in order to understand the risk and better safeguard the company.
  • Highlight any potential concerns/risks and proactively share best risk management practices.
  • Other responsibilities entailed.

The Person:

  • Possess a recognized degree in Computer Science, IT or Information Systems.
  • Have at least 5 years of working experience in the banking or insurance industry.
  • Experienced in regulatory requirements e.g. Risk Management in Technology (RMiT), Technology Risk Management Guidelines (TRMG), etc.
  • Professional certification would be an advantage e.g. CISA, CISSP, CISM.
  • Able to work independently.
  • Analytical and detail-oriented.
  • Able to produce high-quality work under pressure.
  • High level of integrity, takes accountability for work, and has a good attitude towards teamwork.
  • Takes initiative to improve the current state of things and is adaptable to embrace new changes.

Great Eastern Malaysia is committed to Equal Employment Opportunity, and all qualified applicants shall receive fair and equal consideration for employment.

Entity: Great Eastern Life Malaysia

Employment Type: Permanent

About Great Eastern:

Founded in 1908, Great Eastern is a well-established market leader and trusted brand in Singapore and Malaysia. With over S$100 billion in assets and more than 16 million policyholders, including 12.5 million from government schemes, it provides insurance solutions to customers through three successful distribution channels – a tied agency force, bancassurance, and financial advisory firm Great Eastern Financial Advisers.

The Group also operates in Indonesia and Brunei.

The Great Eastern Life Assurance Company Limited and Great Eastern General Insurance Limited have been assigned the financial strength and counterparty credit ratings of "AA-" by S&P Global Ratings since 2010, one of the highest among Asian life insurance companies. Great Eastern's asset management subsidiary, Lion Global Investors Limited, is one of the leading asset management companies in Southeast Asia.

Great Eastern is a subsidiary of OCBC, the longest established Singapore bank, formed in 1932. It is the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s and AA- by both Fitch and S&P. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker.

To all recruitment agencies: Great Eastern does not accept unsolicited agency resumes. Please do not forward resumes to our email or our employees. We will not be responsible for any fees related to unsolicited resumes.
