BẠN SẼ LÀM GÌ?
Information System Operations:
• Privilege IDs and Support IDs User ID Management
• Manage security infrastructure accesses, cryptographic keys and PINs administration.
• Monitor and follow up of all reported security incidents
• Perform IT security risk assessment.
• Provide project advisory to IT projects in term of risk assessment
• Perform security control review on existing and new application systems.
• Perform due diligent on how vendor implement security controls on application/system resources and data handling.
• Conduct periodic reviews on user accounts, user groups and access rights / matrices
Business Continuity Management (BCM):
• Manage the bank’s Disaster Recovery, Business Continuity, Call Tree and Crisis Management processes and activities.
• Coordinate and facilitate Disaster Recovery, Business Continuity, Call Tree exercises and ensure recovery time objectives are met.
• Ensure Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are aligned with requirements and bank’s policies, standards and procedures.
• Review BIA, BCM policies and the annual attestation.
• Support BCM committee on BCM matters.
• Assist in the improvement of IT services and controls through review of processes and self-assessment
• Coordinate internal, external and regulatory audits for Technology and Operations Department
• Monitor and follow up of corrective action plan on Technology and Operations audit findings, Management Risk Awareness (MRA) and Incidents reporting.
• Work with BU/SU to ensure outsourcing arrangements meet all regulatory and corporate policy requirements
• Provide report on Tech and Ops risk indicators
• Review key processes, support Operations Department on process flow and identify key risks
• Review control frameworks and perform assurance assessment
• Ensure Key Operational Risk Indicator submit accurately on a timely basis
• Monitor Key Operational Risk Indicator trend and perform operational risk analysis
• Act as LRCM for T&O to work with ORM on Product Program and Outsourcing as Operation Subject Matter Expert;
• Coordinating with Compliance on revised/new regulation requirements
• Monitor and follow up of corrective action plan on all T&O audit findings, management risk awareness and operational risk incident reporting.
• Other regulatory, internal audit and external 3rd party assessment
YÊU CẦU CHUYÊN MÔN
• Bachelor graduate with major in Audit / Banking & Finance/Computer Science
• 10 years of experience in banking operation control or audit with exposure to information system security management/assessment as well.
• Having knowledge on internal control principals and process/risk/controls assessment in Information System
• Willing to learn and take challenges
• Ability to work in a fast-paced, team-oriented environment
• A strong & assertive communicator in speaking & writing
• Able to work under high pressure and tight deadline
• Business support oriented
• Microsoft office and English proficiency
• Candidate with experience in operations and information system audit for Banks is a strong plus from a sound audit firm, the foreign banks or the regulators.
• IT/Operations projects experience is a plus but not mandatory