information security analyst - fintech.

Your responsibility involves:

• Developing, implementing, and maintaining the framework (including policies, procedures, and templates) for Operational Risk Management (ORM) and its various sub-risk types, while also ensuring the adequacy of the framework. Examples of sub-risk types within ORM include business resiliency, technology, third-party and outsourcing, and new product risks.
• Serve as a subject matter expert and provide guidance on the implementation of the ORM framework, including conducting risk assessments, due diligence assessments, and policy dispensations.
• Initiate and oversee risk and control activities such as mapping business processes, conducting risk and control self-assessments (RCSA), and testing Business Continuity Management (BCM).
• Conduct risk assessments for technologies or processes as necessary, such as Business Impact Analysis (BIA), third-party and outsourcing due diligence, and new product assessments.
• Facilitate the risk acceptance process by evaluating risks, identifying risk owners, setting conditions for risk acceptance, and obtaining approval.
• Monitor new regulatory requirements and perform gap analysis against the ORM framework and new regulations/guidelines to ensure compliance.
• Stay updated on changes in the fraud landscape, industry practices (e.g., digital banking, fintech, and payment), and technologies; enhance the fraud risk strategy to implement adequate controls across the Fraud Risk Management (FRM) function.
• Develop and deliver training programs to promote risk awareness among employees and ensure relevant staff are knowledgeable about OR policies and its sub-risk types.
• Define and propose risk management metrics (such as key risk indicators/key control indicators) to monitor the risk and control environment, and periodically report to risk committees to support senior management in risk oversight and governance.
• Monitor that employees, personnel, and service providers implement controls to achieve ORM objectives and sustainability, ensuring the appropriateness and effectiveness of processes for identifying, managing, and controlling OR risks.
• Identify and report high-risk trends, emerging risks, and key issues to risk committees.
• Provide support for internal and external audit/assessment engagements.
• Participate in incident response for IT, information, and cyber security incidents, and review incident reports submitted to regulators.
• Monitor and oversee issues and remediation efforts.
• Design, implement, and maintain tools for risk management.

Skills and experience required

As a successful applicant, you will have proven track record in managing technology risk or cyber security risk within the financial services / banking industry.

Whats on offer

This is an excellent opportunity to join an established global fintech company with support from senior business stakeholders to improve risk management and security posture to the bank.

To apply online please use the 'apply' function, alternatively you can reach me at https://www.linkedin.com/in/hoonteck-nologyrecruitment or 6510 3633. (EA: 94C3609/ R1219669)