Job Description
Role Purpose
The purpose of this role is to design the organisation's computer and network security infrastructure and protect its systems and sensitive information from cyber threats
Roles And Responsibilities
- This role is responsible for identifying, assessing, managing and governing risk through the application of the Customer's Enterprise Risk Management Framework and specifically the underpinning Operational Risk Type Framework and with consideration given to industry standards and best practices.
- This role is key and responsible for continuing improvements in the Domain(s)'s approach to risk identification and mitigation, control management and audit engagement within the framework set out by the relevant authorities.
- This operations role ensures a constant state of preparation, readiness and continuous improvement across process, risk management and reduction, audit success, documentation, MIS systems and reporting.
- Maintain & Implement Risk and Control Process for 1st line of defence as per Customer's ERMF.
- Identify risk profile / R&R for all parties involved, Cloud Platform support Mgr, Platform engineer , Domain heads etc.
- Document & Maintain (review periodically for applicability, improvement and efficiency) the Risk Management process on Domain Risk Meetings, MOM Templates, Audit Engagements, Risk Approvals, Risk Extensions, Risk Assessments and Risk reviews done by UORM.
- Maintain central data repository for Risk & Control.
- This includes Risk Profile, Risk Analysis (Operational M7 & CRISP Security risks), Stakeholder engagement Matrix, CSAR Status, list of GIA Audits and status, Open and Overdue Audit status etc.
- Ensure Awareness of Rules of Engagement w.r.t Risk Management to all domain stakeholders either directly or through UORMs and Leadership to ensure consistency across domains.
- Advise and assist the Cloud & DevOps Portfolio Head(s) in driving and directing effective compliance with the prescribed Enterprise risk management framework
- Implement effective and efficient controls to minimise / mitigate operational impact
- Ensure proper management of risk and timely resolution of issues
- Promote understanding, practice and culture of Enterprise Operational Risk within the Domain(s).
Want more jobs like this?
Get jobs in Kuala Lumpur, Malaysia delivered to your inbox every week.
Qualifications
The successful candidate should have 10-15 years of experience in Technology Risk Management, Information Security, Technology Governance, Internal Audit (Technology) or other related roles. The preferred candidate will have experience in Financial Services or other heavily regulated industries (e.g. Pharmaceuticals, Healthcare, etc.). Clear, concise and articulate communication of complex and conceptual topics is required for success.
In addition, the following qualifications are preferred:
- Relevant industry certifications (e.g. CIA, CRISC, CISA, ITIL, CISSP, GRCP / CRCM)
- Cloud CSP training such as AWS Foundation and/or MS Azure Fundamentals
- Experience with Technology Implementation or Operation
- Hands on experience with Control Design and Implementation
- Understanding of the Audit Lifecycle
- Knowledge of relevant Technology and Business Regulations; ideal candidate has direct experience of interface with Regulators (principally PRA, MAS and HKMA).
- Knowledge of and/or hands-on experience of Technology Architecture
- Comfortable with ambiguity and able to make decisions
- Process Design and Analysis
- Documentation and Textual Analysis
- Data Analytics
- Experience negotiating with and influencing technical and/or senior stakeholders
- Knowledge of Cloud and DevOps
- Excellent understanding of Operational Risk Management for a technology stream
- Strong performer, with efficiency and delivery outcomes
- Makes a strategic difference
- Fluent English communication & writing skills
- Assertive & good problem-solving skills with common sense
If you encounter any suspicious mail, advertisements, or persons who offer jobs at Wipro, please email us at helpdesk.recruitment@wipro.com. Do not email your resume to this ID as it is not monitored for resumes and career applications.
Any complaints or concerns regarding unethical/unfair hiring practices should be directed to our Ombuds Group at ombuds.person@wipro.com.
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.
Wipro is committed to creating an accessible, supportive, and inclusive workplace. Reasonable accommodation will be provided to all applicants including persons with disabilities, throughout the recruitment and selection process. Accommodations must be communicated in advance of the application, where possible, and will be reviewed on an individual basis. Wipro provides equal opportunities to all and values diversity.