Ennovatez

Cheryl Teo

cherylteo@sif.com.sg

Responsibilities:

As a member of the Risk Management Department, your role involves managing the Company’s IT Security programs, operational risk and BCM. You will also to ensure adherence to policies and ensure that IT risk management tools and processes are in line with business needs, and industry best practice.

Under IT risk management, you will conduct ongoing information security and business continuity risk assessments. You will perform walkthroughs of operations and systems and interviews system owners and users to determine workflows and associated information system risks and internal controls, address the risks identified and report the findings and make recommendation for new process flows.

You will participate in the system development cycle of projects and business process changes to ensure that security and control issues are addressed effectively, and provide consulting support to business units in ensuring compliances with Policies and Procedures.

Under Business Continuity Management, you will improve on existing Disaster Recovery and Business Continuity plans and processes, and work with the business and support units to review and analysis of the effectiveness of the BC and DR arrangements. You will design, organise and conduct regular BC/DR exercises and development of realistic scenarios for future exercises.

In addition, you will work with internal IT personnel and SQL vendors in developing a robust, MIS and Reporting Infrastructure for the Risk Management Department.

Requirements:

Degree or Master in Computer Science/Information Technology;At least 3 years relevant IT experience in Risk, Audit, Security, or Control domains;Proven track record in IT security in a financial environment including direct responsibility for application and infrastructure security;Good knowledge in current IT technologies, related best practices and methodologies, IT governance and regulatory requirements;Detailed technical knowledge of database design methodologies;Experience in managing IT Infrastructure such as network, firewall, log management system, and databases;Experience in conduct risk assessment (‘RA’) exercises, internal information security audits, Business Impact Analysis (‘BIA’) exercises;Experience in organizational BCP, e.g. Pandemic Planning, IT Disaster Recovery (DR) Planning, Crisis Management and Emergency Response Planning with at least one cycle of BCP implementation;Experience in application development / project management will be an advantage;Strong organisational skills and ability to prioritise effectively;Ability to work alone and as an integral member of the risk management team; andSound knowledge of the financial sector IT security requirements will be an advantage.