- ▪Assess on the potential technology risks via environmental scanning and keeping abreast of risk trends to facilitate the identification and monitoring of technology transversal risks for the Bank including establishing risk ownership
- ▪Evaluate technology risk scenarios reported by the line departments to determine the likelihood and impact of significant technology risks, with key prioritisations. Propose necessary action plans to mitigate transversal technology risks via policy issuance or other risk treatment plans.
- ▪Assess risk appetite and tolerance levels set by management with the respective significant activity owners and key stakeholders through awareness programs and promote effective management of transversal technology risks
- ▪Consolidate and escalate transversal technology risks to RMD and the Bank’s risk oversight committees and provide expertise in technology risk related matters to complement RMD in managing emerging technology risks in the Bank. Assist Technology Risk Manager in managing technology risk and undertaking the role as Line Department Risk Champion [1st line of defence] - [Annual Declaration of IT Risks]
- ▪Clearly define risk events, causal, existing controls, action plan and assess the likelihood and impact for departmental based on the Bank’s risk taxonomy and risk framework. Identify risks based on the 4As guiding principle – Availability, Accessibility, Agility, Accuracy and recommend risk treatment strategies and plan.
- ▪Share and provide value-added technology risk assessment advisory and consultancy services to stakeholders via an in-depth understanding of the stakeholder’s business area, anticipating needs of stakeholders, and continuously keeping abreast with developments in technology risk.
- ▪Dashboard and reporting o Prepare, consolidate and monitor risk registers (i.e risk events, key risk indicators (KRIs), mitigation plan), and risk responses to ensure that risk factors and events are encompassing and addressed in an effective manner and in line with business objectives. o Consolidate and ensure timely submission of the departmental risk events to the Bank’s Department Risk Register and ensure its mitigation plans are closely monitored prior to consolidation and closure
- Experience:
- Excellent command of verbal and written communication skills.
- More than 2 years experience in IT system and technology. Knowledge on risk management will be an added advantage
CRITICAL SUCCESS FACTORS :
- •Good knowledge and understanding on how to mitigate IT risk within the Bank’s operational framework
- •Capability to balance strategic, tactical, operational and technical requirements
- •Good understanding on technical issues about likelihood and impact and mitigation measures with operation and translate them into non-technical options
- •Capability to discuss and communicate risk ideas without discussing technology
KEY CHALLENGES
- •Business and management needs are prioritised at the expense of technology risk and controls
- • Increasing complexity of application and Information Technology (IT) infrastructure as well as evolving technology risk requires practical IT risk mitigation actions.
- •The escalating demands and expectations of stakeholders for mobility and easy access to IT systems requires continuous improvement to IT systems, processes, services and staff expertise to keep pace with stakeholders.
- •Managing resources i.e. staff, in a shared mode and creating a positive work climate for them
- TECHNICAL/FUNCTIONAL SKILLS
- •Emerging Technology
- • IT System and Technology
- •Technical Architecture
- •System Development
- • IT System Support and Maintenance
- • IT project management
- •Technology Risk Management
Job Type: Full-time
Pay: RM4,000.00 - RM8,000.00 per month
Benefits:
- Health insurance
- Maternity leave
- Opportunities for promotion
- Professional development
Work Location: In person