SVP, Risk Management - Singapore - Mizuho Bank

    Mizuho Bank
    Mizuho Bank Singapore


    Full time
    Description
    Overview of Division/Department

    The APAC Risk and Control function is responsible for managing the design and execution of technology and information security risk management across the APAC regional entity, branches and subsidiaries to ensure that the Bank is in full compliance with the relevant technology and cyber policies, standards and regulatory requirements, and maintain the desired risk profiles.

    Company Profile
    MIZUHO BANK

    Job Responsibilities
    Mizuho Bank is seeking an experienced Technology and Information Security Risk professional to join a newly formed team to oversee and manage technology and information security risks for the Asia Pacific region.

    Reporting within the Risk and Control team, this role will support the functional strategy within the APAC Risk and Control team in governing adoption and consistent execution of the risk management frameworks, and managing / maintaining the regional Technology and Information Security risk portfolio for Mizuho. Provide 'hands-on' support to enable the Regional CIO and CISO to manage their risk profiles and apply consistent risk management across APAC. Work with the various CIO and CISO domain teams to ensure processes and controls are maintained and reported. Ensure transparency and appropriate escalation of material risks through relevant governance processes in line with the applicable risk management frameworks.

    Key Competencies
    • Ability to support in producing executive management reports for senior stakeholders pertaining to Technology and Information Security Risk
    • Familiar with documentation activities and experience in managing and producing good governance reports
    • Excellent communication and interpersonal skills with ability to collaborate, challenge and influence across borders and at all levels of the business, as well as externally
    • Must have strong written and verbal communication skills; Report writing and presentation skills are a key requirement.
    • Able to demonstrate analytical rigor in challenging processes or practices that fail to deliver a well-controlled business, as well as in relation to cybersecurity threats
    • Able to articulate and present complex thoughts and analytics to various stakeholders using tools such as MS Office, SharePoint, Tableau, etc.
    • Able to support in building and maintaining strong working relationships with a diverse set of stakeholders
    • Operational risk management experience with ability to support the day-to-day management of the Risk Register, Tracking and Monitoring
    • Strong technical skills covering operational, technology and information security related products and controls
    • Strong problem-solving skills and ability to multitask
    • Ability to manage work in a fast moving, high pressure environment and balancing multiple work activities
    • Prioritization of tasks and time management
    • Attention to detail
    • Self-motivation, assertiveness and self-awareness
    • Cultural awareness

    Risk Management
    • Responsible for supporting the management and operation of the Technology risk management frameworks, including applicable policies, standards and procedures, which are adopted / run as part of the APAC Risk and Control function portfolio in line with the Bank's risk appetite
    • Support in coordinating and facilitating engagements with all Technology and Information Security departments as well as other stakeholders, including HO, Operational Risk, Compliance and Internal Audit
    • Support in the consistent embedment of the Technology risk management frameworks by enabling and educating Branches / Subsidiaries

    Risk Identification, Assessment and Evaluation
    • Support in providing a mechanism to identify, assess and evaluate risk to enable the execution of the Technology Risk management strategy within the new regional CIO and CISO operating environments
    • Work with HO to review the appropriateness of process design keeping standardization, control, client service and simplicity at the root of all processes
    • Work with relevant stakeholders to analyze root cause of any major incidents and identify failure points in controls and processes, as well as to support gap mitigation
    • Participate in relevant projects and initiatives to bring proactive risk management focus into solutions
    • Ensure regular reviews of risk items for trends
    • Ensure that all necessary regulatory requirements are met in the respective Branches / Subsidiaries across APAC

    Risk Response
    • Support, develop and implement risk responses to ensure that Technology risk factors and events are addressed in a cost-effective manner and in line with business objectives
    • Review risk responses with the relevant stakeholders for validation of efficiency, effectiveness and economy
    • Ensure that all material risks identified are addressed within an appropriate timeframe

    Risk Monitoring
    • Monitor risk and communicate information to the relevant stakeholders to ensure the continued effectiveness of the Technology Risk Management strategy
    • Collect and validate, in a timely manner, data that measure KRIs and management activities to assist informed decision making
    • Facilitate independent risk assessments and risk management process reviews to ensure they are performed efficiently and effectively
    • Identify and report on risk, including compliance, to initiate corrective action and meet business and other requirements

    Controls Monitoring
    • Monitor and maintain where necessary, Technology and Information Security product related controls to ensure they function effectively and efficiently
    • Collect information and review documentation to identify control deficiencies
    • Review policies, standards and procedures to verify that they address the Bank's internal and external requirements
    • Maintain sufficient, adequate evidence to support conclusions on the existence and operating effectiveness of Technology and Information Security controls
    • Design and identify KRIs, which will be used consistently across Technology risk forums / committees, and ensure accuracy of data collated

    Risk Governance
    • Constantly seek to provide improvement suggestions to raise the benchmark on information provided to raise risk awareness and improve controls
    • Support the production, regular review and update of materials aimed at raising risk awareness and instilling understanding of minimum standards of risk governance across the Bank
    • Support in producing regular trend analysis of key risk indicator exceptions, and identify systemic failures
    • Lead the Risk Acceptance process in line with the required governance process
    • Conduct training to improve awareness of APAC Risk and Control requirements including the known industry good practices

    Risk Forums and Committees
    • Coordinate the provision of risk papers and required risk management metrics to ensure transparency and appropriate escalation of material risks through the relevant risk forums and committees
    • Ensure the material risks are raised through the Bank's hierarchy of monitoring
    • Review and provide challenge input to ensure risk is appropriately assessed and remedial actions are robust
    • Support in organizing, coordinating and facilitating sessions to proactively engage stakeholders to raise awareness of risk issues and document the discussions and outcomes as part of meeting minutes