ROLE PURPOSE:

• Assist Technology Risk Manager in managing technology risk and communicating the Bank's direction on technology risk to all staff and provides advisory services and support to JIT’s role as the Technology Risk Policy Owner (RPO).
• Complement Risk Management Department (RMD) in facilitating and managing the transversal technology risks across the Bank.

               PRINCIPAL ACCOUNTABILITIES:

• Assist Technology Risk Manager to undertake the role as Risk Policy Owner [RPO] for technology risks in the Bank [2nd line of defence]
• Assess on the potential technology risks via environmental scanning and keeping abreast of risk trends to facilitate the identification and monitoring of technology transversal risks for the Bank including establishing risk ownership.
• Evaluate technology risk scenarios reported by the line departments to determine the likelihood and impact of significant technology risks, with key prioritisations. Propose necessary action plans to mitigate transversal technology risks via policy issuance or other risk treatment plans.
• Assess risk appetite and tolerance levels set by management with the respective significant activity owners and key stakeholders through awareness programs and promote effective management of transversal technology risks.
• Consolidate and escalate transversal technology risks to RMD and the Bank’s risk oversight committees and provide expertise in technology risk related matters to complement RMD in managing emerging technology risks in the Bank.
• Assist Technology Risk Manager in managing technology risk and undertaking the role as Line Department Risk Champion [1st line of defence] - [Annual Declaration of IT Risks].
• Clearly define risk events, causal, existing controls, action plan and assess the likelihood and impact for departmental based on the Bank’s risk taxonomy and risk framework. Identify risks based on the 4As guiding principle – Availability, Accessibility, Agility, Accuracy and recommend risk treatment strategies and plan.
• Share and provide value-added technology risk assessment advisory and consultancy services to stakeholders via an in-depth understanding of the stakeholder’s business area, anticipating needs of stakeholders, and continuously keeping abreast with developments in technology risk.
• Share and provide value-added technology risk assessment advisory and consultancy services to stakeholders via an in-depth understanding of
• the stakeholder’s business area, anticipating needs of stakeholders, and continuously keeping abreast with developments in technology risk.
• Dashboard and reporting
• Prepare, consolidate, and monitor risk registers (i.e risk events, key risk indicators (KRIs), mitigation plan), and risk responses to ensure that risk factors and events are encompassing and addressed in an effective manner and in line with business objectives.
• Consolidate and ensure timely submission of the departmental risk events to the Bank’s Risk Control Self-Assessment (eRCSA) systems and ensure its mitigation plans are closely monitored prior to consolidation and closure.

QUALIFICATION / EXPERIENCE:

• Academic Qualifications: A degree in Computer Science or Information Technology.
• Excellent command of verbal and written communication skills. More than 2 years’ experience in IT system and technology.
• Knowledge on risk management will be an added advantage.