Assistant Vice President, Cyber Security, Middle Office Technology

• Act as first line of defense and focal point for the team for all risk and control matters
• Review GRC issues, action plans proposed and verify remedial solutions for closure
• Work with Line managers and oversee risk mitigation programs to remediate control gaps identified from root cause analysis and lessons learnt
• Develop framework and metrics to support the department risk mitigation programs and escalate emerging or at-risk issues to the relevant stakeholders in a timely manner.
• Perform periodic risk reviews and assessments, control testing, analysis of key risk indicators to review effectiveness of internal controls and to ensure risk exposure over the key processes are within risk appetite and comply to the bank’s standards
• Perform data analysis to identify gaps and implement measures for process improvement, analyze tools for control and evaluate potential operational and emerging risks
• Ensure proper documentation on all risk mitigation programs from the department
• Ensure accurate and timely submission of risk and control reports
• Provide support and training to foster strong risk culture and risk awareness within the department
• Utilize AI/ML techniques to drive the cultural change of preventive and detective risk management to predictive risk management

• Manage all internal / external audits, regulatory reviews, and act as audit focal point for the department
• Review all audit issues raised, review action plans and ensure actions are completed within the agreed completion dates

• Support the department head in all governance, risk, and control matters
• Collaborate with internal stakeholders to maintain the internal control effectiveness
• Liaise with other governance, compliance, risk and control (GRC) functions for collaboration and advisory matters
• Act as SME and participate in workgroups for process improvement and quality assurance programs

• Plan and ensure participation and completion of the BCM requirements exercises
• Liaise with stakeholders from group functions as well as other Business Units and vendors on BCM matters
• Develop plans and workaround process to minimize impact to operations during BCP scenarios
• To improve awareness and develop staff training to prepare them on any BCP scenarios

• Bachelor’s degree in computer science, Engineering, Information Technology or related discipline from a recognized institution
• At least 10 years’ experience in technology development and support environment, vendor management, technology implementation or technology risk management
• Prior working experience / knowledge in the following areas
• Technology and operational risks lifecycle management
• Managing IT Audits / Governance / Risk Management programs
• Performing risk reviews, assessments, or threat modelling
• Performing deep-dive investigation for control and process issues
• Communicating risk and control findings with key stakeholders, developing recommendations and provide accurate metrics and management reports
• Well versed with governance and control frameworks as well as regulatory requirements on technology management and controls
• Sound understanding of technical processes, policies, and risk measurements
• Good control mindset and the ability to understand a broad range of operational and technical issues
• Strong analytical, problem-solving skills and meticulous
• Strong communication, interpersonal and written skills; able to communicate with stakeholders, higher management, technical support units and users
• Influential in communication, able to drive towards agreed solution
• Able to work independently with minimal supervision and with a positive attitude
• Able to drive risk and control awareness within the department and drive cultural change
• Experience in utilizing programming skills to analyse data to facilitate risk reviews and assessments.

DBS Bank