企业档案
- 企业名称:福瑞博德软件开发(深圳)有限公司
- 联系人:涂小姐
- 电话:0755-26500080
- 传真:0755-26504768
- 邮箱: sales_china@freeborders.com
- 邮编:518057
- 地址:中国深圳深圳市南山区高新科技园科苑路6号科技园大厦10楼
- 纠错
猜你喜欢
Technology Risk Management SME
Responsibilities:
? Act as an subject matter expert (SME) in Tech Risk governance and architecture
? Support business initiatives, provide advisory and recommendation from risk & control perspective (including but not limit to the review of Third Party Security Assessment (TPSA) submissions and administer the approval process).
? Process oriented framework to manage security governance services and processes (including but not limit to the review of Technology Risk Acceptance (TRA) submissions and administer the approval process).
? Manage remediation progress with internal, external service providers, operations and business partners.
? Establish and maintain security standards and policies.
? Assist to define security architecture for the company infrastructure and applications.
? Participate in security product evaluation and assist in security solution recommendation and deployment
? Research and evaluate on latest security threats and technology solutions, such as Cloud, Big Data, Social Networking and Mobile.
? Manage threat and vulnerability assessment
? Establish security dashboard with key risk indicators. Perform monthly risk trend analysis and compile management reports.
? Maintain IT Risk & Control Library and provide support to Group ICFR (Internal Control over Financial Reporting, initiated by Group Internal Audit and Group Finance).
? Provide support to Group Internal Audit and LBUs* on internal / external audit reviews.
? Provide support to Group ORM on Annual RCSA and monitor remediation progress on open RCSA and Audit items.
? Provide consultation to AIA LBUs regarding Tech Risk related matters.
? Administer Technology Building Permit (TBP), Exception Request (ER), and Standard Initialization (SI) approval process.
Requirements:
? Degree holder in Computer Science or related discipline.
? Over 5 years’ experience in IT security, compliance, IT risk management or IT audit function, gained from other sizable financial institutions
? Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), or Certified in Risk & Information Systems Control (CRISC) preferable.
? Strong experience in data analytics applied to all stage of data analytics project lifecycle (identification, extraction, load, transform/shape, analyse, report)
? Demonstrable understanding of data quality risks and ability to carry out necessary quality checks to validate results obtained.
? Sound knowledge / experience of ISO27001~27005, ITIL v3, SOC 1/2/3 audit preferable
? Sound knowledge of Encase Forensics, Linux, Linen, Access Data, eDiscovery, TPAM, eGRC, CyberArk, CA IDM or ArcSight processing and hosting/review platforms preferable.
? Adaptable, able to interact and build strong relationships with people from a diverse range of backgrounds.
? Good command of written and spoken English (with Mandarin is preferable).
? Good communication and interpersonal skills; and
? Independent, ‘can do’ mindset and strong self-initiative.
? Act as an subject matter expert (SME) in Tech Risk governance and architecture
? Support business initiatives, provide advisory and recommendation from risk & control perspective (including but not limit to the review of Third Party Security Assessment (TPSA) submissions and administer the approval process).
? Process oriented framework to manage security governance services and processes (including but not limit to the review of Technology Risk Acceptance (TRA) submissions and administer the approval process).
? Manage remediation progress with internal, external service providers, operations and business partners.
? Establish and maintain security standards and policies.
? Assist to define security architecture for the company infrastructure and applications.
? Participate in security product evaluation and assist in security solution recommendation and deployment
? Research and evaluate on latest security threats and technology solutions, such as Cloud, Big Data, Social Networking and Mobile.
? Manage threat and vulnerability assessment
? Establish security dashboard with key risk indicators. Perform monthly risk trend analysis and compile management reports.
? Maintain IT Risk & Control Library and provide support to Group ICFR (Internal Control over Financial Reporting, initiated by Group Internal Audit and Group Finance).
? Provide support to Group Internal Audit and LBUs* on internal / external audit reviews.
? Provide support to Group ORM on Annual RCSA and monitor remediation progress on open RCSA and Audit items.
? Provide consultation to AIA LBUs regarding Tech Risk related matters.
? Administer Technology Building Permit (TBP), Exception Request (ER), and Standard Initialization (SI) approval process.
Requirements:
? Degree holder in Computer Science or related discipline.
? Over 5 years’ experience in IT security, compliance, IT risk management or IT audit function, gained from other sizable financial institutions
? Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), or Certified in Risk & Information Systems Control (CRISC) preferable.
? Strong experience in data analytics applied to all stage of data analytics project lifecycle (identification, extraction, load, transform/shape, analyse, report)
? Demonstrable understanding of data quality risks and ability to carry out necessary quality checks to validate results obtained.
? Sound knowledge / experience of ISO27001~27005, ITIL v3, SOC 1/2/3 audit preferable
? Sound knowledge of Encase Forensics, Linux, Linen, Access Data, eDiscovery, TPAM, eGRC, CyberArk, CA IDM or ArcSight processing and hosting/review platforms preferable.
? Adaptable, able to interact and build strong relationships with people from a diverse range of backgrounds.
? Good command of written and spoken English (with Mandarin is preferable).
? Good communication and interpersonal skills; and
? Independent, ‘can do’ mindset and strong self-initiative.