Assistant Vice President, Risk - IT & Cyber Security MY

• Support the implementation of compliance with the Operational Risk Management Framework (ORMF), Technology Risk Framework (TRMF), Cyber Resilience Framework (CRF), Cloud Risk Management Framework (CRMF), Emerging Technology Risk Framework (ETRF), AI/ML Risk Framework and P&P, Technology Risk Appetite Statement (TRAS) and BNM Risk Management in Technologies (RMiT) to effectively manage technology related risks, enhance technology resiliency and mitigate risks against technology threats across CIMB Group.
• To automate Technology Risk process to streamline approval across all relevant stakeholders with final approval back to CISO.
• Work closely with Business Unit Control Officer (RCO) &/or DCORO to address key technology risks, controls and events, as part of existing Business Unit RCSA.
• Facilitate in preparing the Technology Risk Dashboard with objective to have one view of Risk Posture
• Major incident management review (Review LED) & BDSF
• Management and monitoring of Technology Key Risk Indicator
• Management and monitoring of Technology Risk Appetite Statement (RAS)
• Idiosyncratic story telling
• Risk hotspot - to highlight immediate key risks area to watch (Immediate, High, Medium and Low) pertaining to Technology, Cyber, IT in 3rd Parties, AI and Cloud.
• IT 3rd Parties Risk Management support

• Bachelor Degree
• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Security Control (CRISC)

• Risk Acceptance Management
• Technology Risks, Compliance or Audit
• Project Management
• Fraud Investigation
• Third Party
• Operational Risk

• Technology Risk, Audit and Compliance
• Technology Risk Assessments
• Reporting & Analytics

CIMB