ខ្មែរ
IS Operational Risk Manager
Full Time Phnom Penh Posted 3 weeks ago
Technology
- Establish strategic, roadmap and action plan for the whole IT Division from the risk management concept.
- Establish policy, standard, base line and procedure to comply with local regulatory, standard and practice into to current Bank context.
- Risk hazard by define assessment scope and methodology to meet objective.
- Risk assessment report, monitor, follow up action respond from Risk owner and provide risk mitigation suggestion.
- Support Technology Division to reduce risk, minimize impact from the internal and external threat does not limit to non-critically system defined and assigned task.
- Involve risk analyst to the result from Internal Audit, RCSA, KRI and other related technology on to dashboard report and update to management when required.
- Reinforce Corporate IT governance from Risk concept to improve process to support another department if needed.
- Bachelor Degree of Computer Science/Information Technology
- Attended IT Risk Management program such as NIST, CRISC, ISO/IEC 27000 Series, ISO/IEC 38500 COBIT and FAIR; Certified to these Internation Certification is preferable.
- At least 5 years of experience related with IT Risk Management
- Working in Commercial Bank/International Audit Firm in related Risk field is often preferred.
- With specific tools and technology like GRC is often preferred.
- Deep understanding of risk methodology and regulatory guidelines, standards and frameworks.
- Strong track records.
- Good English and Communication skill.
- Business relationship of IT Corporate Governance, Risk and Compliance; this role will be a critical interface between and the Channel and will be require presenting to the Leadership and the executive team when called upon to do so by the Chief Technology Officer and Chief Risk Officer and IT Security team.