This site uses cookies. To find out more, see our Cookies Policy

AVP, Technology Risk in Kuala Lumpur at Great Eastern

Date Posted: 8/4/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Kuala Lumpur
  • Date Posted:
    8/4/2018
  • Job ID:
    116/351/1373

Job Description

Job ID: 000116

You will be assuming an integral role in IT Security, Risk and Compliance for Great Eastern Life Assurance Malaysia.

  • Implement an IT Compliance program to provide assurance on the compliance status in Group IT. The program will validate the key IT controls based on yearly prioritization and using an industry-accepted sampling methodology. The IT controls reviewed will consist of relevant processes, systems, reports and metrics.
  • Monitor state of IT compliance with regulatory requirements and internal policies, and report on compliance lapses.
  • Monitor changes in technology related legislation and regulation that affect the Group IT's Technology Risk management and compliance, and develop a compliance program to address potential gaps.
  • Conduct ongoing Compliance Review activities on key IT processes and system as per the plan and identify the gaps against standard requirements.
  • To provide timely reporting on compliance review activity to management and track to closure, all actions and risk arising from the review.
  • Assist in consolidating the Compliance Event Reporting form Group IT to GRM and also local RM&C.
  • Assist in reviewing CRSA for regulations as per GRM and local RM&C's schedule.
  • Assist in the reporting compliance matters to Group IT management on regular basis.
  • Assist in IT Audit engagements, monitor and track the audit progress, status of information submission and escalating overdue responses accordingly.
  • Assist in Root cause analysis for IT incidents, if required.
  • Educate staffs on compliance requirements and provide awareness session on risk & compliance matter.
  • Assist Department Risk officer and Department Compliance officer for GELM IT.
  • Assist in maintaining departments Risk Control Self-Assessment (RCSA) and conduct control testing according to GRM & local RM&C requirements.
  • Assist in the review of Project Risk Assessment (PRA) prepared by IT prior to start of project

Job Requirements

The Person:
  • Possess tertiary professional qualification in Computer Science, Information System or related disciplines
  • A minimum of 8 years’ experience in BCM, IT related environment including risk, security and control related functions
  • Good BCM and Technology risk identification and management skills
  • Good IT related knowledge, ie: risks management, investigation techniques, IS security and controls, regulatory requirements, policies and IT practices and benchmarks
  • Good knowledge of project management, and the ability to manage multiple project/ tasks with given deadline
  • Possess strong analytical and problem solving skills
  • Excellent verbal and written communications skills
  • Pro-actively keep abreast with job related function including technology, solutions and tools