Responsibilities:

 

• Provide support, coordination, reporting and advisory on technology risk governance related areas

• Risk and Controls Self-Assessment

• IT General Controls (ITGC) Control Testing

• Extend the support to internal and external audits

• Daily governance related activities

• Manage technology risk and ensure the organization is adhered to the information security policies and standards, identify the gaps and coordinate with related parties to remediate them

• Partner with IT teams and Group functions to support the Tech Risk initiatives

• Proactively and act as a focal point for Business Units and Group functions to identify technology risk, ensure right controls are in place and report on deficiencies related to control design and operating effectiveness

• Validate issues identified and provide oversight of the response plans

• Support and maintain the Information Security policy and standards and the Risk and controls library

• Support and coordinate third party security risk assessments for Group functions

• Maintain department operating procedures

 

 

 

Requirements:

 

Experience

• At least 3 years of relevant experience, preferred to be gained from financial services industries

• Prior experience in Technology Risk Management or related discipline

• Experience in governance activities: audit support, management reporting

• Risk management for 3rd party vendors

• Relevant experience with NIST, ISO27001, ITGC or other industry related standards preferred

 

Education & Certification

• Degree holder in Computer Science or related discipline

• Information Security related certifications desirable e.g. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk & Information Systems Control (CRISC)

 

Special skills

• Good communication and interpersonal skills to build strong relationships with stakeholders at multiple levels of seniority

• Good reporting, organization skills and attention to details

• Self‐starter and good time management

• Proficient in both spoken and written English

友邦资讯科技(广州)有限公司由友邦保险有限公司独资兴办。公司宗旨是为友邦保险集团属下全球的业务单位提供软件开发、维护、管理及业务外包等服务。

公司秉承以客户为中心的服务理念，不懈地进行有效的持续改进工程，务求成为友邦保险集团内一流的信息技术和企业营运中心,为客户提供高素质的服务和解决方案。公司的业务主要包括：开发及维护保险软件及办公室自动化、商务外包服务、架构支持（包括数据中心服务）、产品及工具开发。