Information Security Specialist - Singapore - COMMERZBANK AKTIENGESELLSCHAFT

Posted by:

Wei Jie

beBee Recruiter


Description

Job purpose:


This position is part of the Asia Information Security and Data Protection function in Singapore, with a focus on information security and third-party risk management.


Key activities:


  • Assisting the Head of Information Security Asia in implementing and maintaining the Group's information security strategy, policies, and procedures to manage cyber and Third-Party Information Security risk and ensure compliance with relevant laws and regulations.
  • Assessing the security posture of third-party vendors, partners, or service providers to ensure compliance with organizational standards and regulatory requirements.
  • Collaborating with procurement, legal, and business units to evaluate the security implications of engaging with third-party vendors and providing guidance and recommendations to stakeholders on selecting, onboarding, and managing third-party vendors securely.
  • Reviewing and negotiating information security and data protection clauses in contracts and agreements with third-party vendors to establish security requirements and responsibilities.
  • Conducting risk assessments of third-party systems (including cloud), networks, and processes to identify gaps in information security controls.
  • Collaborating with head office in developing and implementing strategies for continuously monitoring and evaluating third-party security performance through regular assessments and audits.
  • Participating in cross-functional teams or committees on vendor risk management and security governance driven regionally and globally.
  • Collaborating with auditors to provide necessary documentation, evidence, and support during audit fieldwork, testing, and reporting phases.
  • Reviewing audit findings, recommendations, and reports to identify opportunities for improving information security and third-party risk management practices, processes, and controls.

Formal education:


  • University or college degree or comparable
  • Possession of professional qualifications (e.g. CISA, CISM, CRISC, CISSP, CTPRP) will be advantageous.

Specialist knowledge (work experience, further qualification):

  • Minimum 5+ years of related experience in information security, third-party risk management or a technology risk function in the financial services industry or consultancy.
  • Knowledge of Asia regulatory requirements (PDPC, MAS, NAFR, PBOC, JFA), with a strong understanding of the financial industry.
  • A strong security risk and analytical mindset in approaching situations and interactions with stakeholders.
  • Strong communication and interpersonal skills, with an ability to translate complex technical information for a non-technical audience.
