Senior Analyst, First Line Risk

This is a risk management role predominantly covering Information Security domain and also touches other non-tech domains such as Third Party risk, Privacy risk, Risk and Control framework, Regulatory compliance review and staff awareness. Candidate will be responsible to provide oversight and advisory in risk related matters (including incident management). One of the key task is to co-ordinate with various stakeholders (global/local) for collecting information to prepare MIS/In-Control report on regular basis and present the same to the senior management within COO domain. Key Responsibilities and Accountabilities: 1. Security GovernanceImplement (& maintain) Global/Regional Information Security Policies, Processes & Procedures.Design and deliver security training and awareness activities within the Asian officesMaintain the Asia Security Repository2. Systems Security Risk and Compliance ManagementSupport security risk assessments (system, vendor, infra, DNB, other)Advise and support creation of security action plansSupport internal/external and regulatory audit requestsMonitor and provide regular reporting on security risk and compliance (e.g. KRI, KPI, Global Cybersecurity Risk, SLA Reporting, etc.)3. Security Advisory/ApprovalValidation role in Operational processes (e.g. Change Controls/Change Management Process, Firewall Rule Reviews, Data Extraction requests, Requirements Specifications, New Business Checklist, OAT signoffs, etc.)Participation in projects; providing security advisory (i.e. definition of technical solutions to specific security requirements; identifying specific security implications; validate functional specifications and technical architecture)4. Managed Security ServicesOwn and maintain SLAs and KPIs provided to other Asian Branches.Monitor, track and continual improvement of SLAs.5. Cyber Security Risk ManagementImplementation and maintenance of Asia Cyber Security FrameworkManage Cyber Security Risk Assessment and Profiling for Asia branches.Conduct Maturity assessment, identify gaps and continual improvement work.6. Incident Management including Security IncidentsPlay an advisory role to ITOPS team in managing incidents and provide an oversight of incidents on regular basis to the stakeholder.Responsible Security Incident Handling Process & Escalation, including Cyber Security Incidents7. Security Operations Related a) Vulnerability & Threat ManagementGovernance and oversight of vulnerability remedial action plans.Coordinate vulnerability assessment and/or penetration tests (including engagement, progress tracking and remedial action tracking)Monitor, manage and report on cyber threats.b) Security Monitoring & DetectionProvide 1st line monitoring for the DLP tool and conduct investigation.Initiate Security Incident where required.8. Other duties as directed. Qualifications: University degree.6 years of IT Security / IT Risk experiences in the financial service industryHold professional certification such as CISSP, CISA, CISM, CRISC or equivalentOffice 365 PlatformMicrosoft Power Platform (Power BI, Power Apps, Power Automate)Experience with GRC tool such as ArcherProficient in use of SharePointGood understanding of technology requirements from Asia regulators such as MAS, HKMA, RBI, and CBRCInterested candidates may apply directly through this link Diversity & Inclusion At Rabobank Asia, we:Believe a diverse and inclusive workplace is the foundation of our performance.Embed diversity in everything we do on a daily basis, whether it be our hiring, culture, development opportunities or our policies.Value differences in our people which is represented in terms of gender identity, age, sexual orientation, religion, ethnicity, disability, background, education, expertise or character.Embrace people from all walks of life to build a strong, creative, innovative and dynamic workforce that is reflective of the diversity of our community.Treat everyone equally so that everyone can be themselves, and each individual feels respected and valued on the basis of who they are.#Rabobank #RabobankAsia ApplyingIn 5 stepsWe'd like to get to know you.
Step 1ApplyingThanks for applying! We consider all the CVs and covering letters that we receive. After the closing date, you will hear from us as soon as possible.
Step 2First interviewUsually you’ll be meeting with your (potential) team leader and an immediate (future) colleague. We are keen to get a sense of whether you are a good fit for the position and our team. And you probably have a lot of questions too.
Step 3Second interviewWe want to speak to you a second time. In this online meeting, we will delve deeper into the details of what the job entails. Another colleague will often join the interview too.
Step 4OfferIf you are a good match for us and we’re a good match for you, then you’ll receive a good offer by email. Some positions require you to undergo further assessment first.
Step 5ScreeningWe assess whether you are trustworthy enough to work for Rabobank in a screening process.
I approve Rabobank to retain my details for 1 year for future applications.
I require a work permit to work in Hong Kong.
I authorize the Bank to collect and use my personal data for recruitment purpose. I understand that such data may be transferred to other Rabobank entities which are invovled in the recruitment and service providers who need the data for employment verification purposes.
HK Declaration on accuracy
optional
I declare that information given on this application is true and accurate. I understand that any omission and misrepresentation of any fact may results in failing the application or refusal of employment.
#J-18808-Ljbffr