Job Description

About Alliance Bank Malaysia Berhad

Alliance Bank Malaysia Berhad and its subsidiary, Alliance Islamic Bank Berhad, offers banking and financial solutions through its consumer, SME, corporate, commercial and Islamic banking. The Bank provides easy access to its broad base of customers throughout the country via multi-pronged delivery channels that include retail branches, Privilege Banking Centres, Business Centres, Investment Bank branches, and mobile and Internet banking.

We are currently seeking a high caliber professional to join our Group Information Technology (IT) Risk department under Group Risk Management division as an Assistant Vice President, IT Risk

The Role

A successful candidate in this position will be accountable to Support IT Risk Department and Group Risk Management for tasks related to management of enterprise-wide IT risk matters. These include:

• Manage the bank's technology and cyber security risks while meeting business service commitments;
• Review Business Requests, Projects and Initiatives while ensuring technology and cyber risks are adequately assessed and mitigated;
• Keep stakeholders abreast of technology and cyber security threats, effectiveness of current controls and priority of enhancement initiatives;
• Assess technology and cyber risks, and oversight on the implementation of mitigating controls;
• Monitoring and analyzing IT risk areas in bank's operations; and
• To develop and implement the appropriate framework and policies to mitigate technology & cyber risks for the group.

Job Description

• Develop / review core IT & Cyber Risk management framework and policies for consistent and synergetic implementation across the Group.
• Establish and develop new IT and cyber risk metrics and indicators.
• Identify emerging IT and cyber risks and trends.
• Perform IT risk reviews, risk assessment on IT/Cyber related incidents, gap analysis to assess IT and cybersecurity risks.
• Implement monitoring tools to proactively mitigate IT and cybersecurity related risks.
• Provide consultative advice, guidance and training on IT and cybersecurity related risks and issues including internal and regulatory guidelines, ongoing IT concerns and Business Continuity Management/Disaster Recovery Plan initiatives.
• Participate in IT projects and initiatives to assist in managing the IT and cyber risk profiles.
• Reporting to management and board level committees on IT and cyber risk related matters.
• Any additional ad hoc activities assigned by management from time to time

Job Requirements

Skills

• Detail orientation and quality in work output
• Customer / stakeholder management
• Time management
• Understand business requests and providing value to business
• Communication skills
• Being organized and structured in carrying out tasks
• Flexibility to change and respond to changing requirements
• Proactive and independent in managing expected outcomes based on historical work practices

Knowledge

• Sound understanding of Information systems and security controls as well as relevant technology solutions which comply with regulatory and banking industry requirements.
• Manage information security and cyber-attack incidents according to industry standards.
• Develop technology and cyber security risk management related framework, policies and procedures
• Regulatory requirements for Financial Services Industry in relation to technology risk, cyber security risk and risks in managing customer information such as RMiT and MCIPD.
• Management of RCSA, KRI, LED, MCIPD, CSA in banking industry

Experience

• At least 5 years of working experience in Risk Compliance banking environment
• Relevant professional certifications will be advantageous. For example, CISSP, CISM, CRISC.
• Experience in banking / financial industry will be advantageous

Job Requirements