First Level Executive, Technology Risk
POSITION: FIRST LEVEL EXECUTIVE, TECHNOLOGY RISK, RISK SPECIALIST AND TECHNOLOGY SUPERVISION DEPARTMENTROLE PURPOSE
- Contribute to the identification and mitigation of technology risks within the financial industry and financial market infrastructure to ensure financial stability and public confidence, by undertaking horizontal surveillance on the trends of potential technology risks arising from threats from financial institutions’ technology adoption, primarily arising from new, unfamiliar and emerging technological solutions.
- Conduct thematic review on the risk management practices of identified technology risk areas, and assist in providing technical assessment on the risk of financial institutions’/ fintech companies’ technology adoption, as well as contribute to the development of technology risk policy requirements in order to strengthen the IT resiliency of the financial industry.
- Assist in performing horizontal assessment of adopted technology risk management models, methodologies or practices, with the aim to uncover issues, norms and common practices across the industry. Good foundational knowledge, rigorous research and consultation process and use of wide range of risk management frameworks and techniques such as data analytics is expected;
- Assist in facilitating industry-wide technology risks improvement program, aiming to continuously strengthen their robustness as well as fortify the associated risk measurement and mitigation measures adopted by FIs’ technology risk management;
- Contribute in the development of effective advanced surveillance infrastructure and tools for early detection of emerging technology risks to facilitate macro, as well as micro level monitoring;
- Assist in the review and development of technology risks policy documents to ensure pragmatic implementation of regulatory policies. Internally, contribute to the process improvement initiatives;
- Provide technical input on emerging technology adoption and risk management practices adopted by FIs, timely detection of potential operational and technology disruptions. Internally, provide assessment on technology risk to other lead departments on policy development and supervisory activities (e.g. product approval, monitoring);
- Contribute in the preparation of training materials and training exercise aiming to build and strengthen supervisors’ knowledge and competencies in technology risk management;
- Assist in establishing and maintaining strong collaboration with relevant stakeholders to influence and strengthen technology risks infrastructure developments and best practices, and undertake information exchange for effective surveillance and supervision;
- Undertake other ad-hoc assignments, when assigned.
- Candidate must obtain 5 credits in Sijil Pelajaran Malaysia (SPM) for subjects including Bahasa Melayu, English and Mathematics.
- Candidate must possess at least a Bachelor’s Degree or Master’s Degree in Computer Science, Data Science, Engineering (Computer/Telecommunication), Operation Research or equivalent with a minimum CGPA of 3.0 and above and Second Class Upper.
- At least 3 year(s) of working experience in Technology Risk Management, Advanced Analytics, Software Programming/Development, IT Security Design/Operation.
- Professional certification related to information systems security, auditing, control, assurance and risk management such as Certified Information System Auditor (CISA), Certified Information Security Manager (CISM), Certified Information System Security Professional (CISSP), Certified Ethical Hacker (CEH), Cloud Security Knowledge, ISMS, COBIT, OpenGroup FAIR will be an added advantage