Senior Analyst, First Line Risk

• Op locatie
• 88 Queensway,
• Hongkong SAR
• 40 uur
• Fulltime

This is a risk management role predominantly covering Information Security domain and also touches other non-tech domains such as Third Party risk, Privacy risk, Risk and Control framework, Regulatory compliance review and staff awareness. Candidate will be responsible to provide oversight and advisory in risk related matters (including incident management). One of the key task is to co-ordinate with various stakeholders (global/local) for collecting information to prepare MIS/In-Control report on regular basis and present the same to the senior management within COO domain.

Key Responsibilities and Accountabilities: 

1.    Security Governance

• Implement (& maintain) Global/Regional Information Security Policies, Processes & Procedures.
• Design and deliver security training and awareness activities within the Asian offices
• Maintain the Asia Security Repository

2.    Systems Security Risk and Compliance Management

• Support security risk assessments (system, vendor, infra, DNB, other)
• Advise and support creation of security action plans
• Initiate system recertification
• Support internal/external and regulatory audit requests
• Monitor and provide regular reporting on security risk and compliance (e.g. KRI, KPI, Global Cybersecurity Risk, SLA Reporting, etc.)

3.    Security Advisory/Approval

• Validation role in Operational processes (e.g. Change Controls/Change Management Process, Firewall Rule Reviews, Data Extraction requests, Requirements Specifications, New Business Checklist, OAT signoffs, etc.)
• Participation in projects; providing security advisory (i.e. Definition of technical solutions to specific security requirements; identifying specific security implications; validate functional specifications and technical architecture)

4.    Managed Security Services

• Own and maintain SLAs and KPIs provided to other Asian Branches.
• Monitor, track and continual improvement of SLAs.

5.    Cyber Security Risk Management

• Implementation and maintenance of Asia Cyber Security Framework
• Manage Cyber Security Risk Assessment and Profiling for Asia branches.
• Conduct Maturity assessment, identify gaps and continual improvement work.

6.    Incident Management including Security Incidents

• Play an advisory role to ITOPS team in managing incidents and provide an oversight of incidents on regular basis to the stakeholder. 
• Responsible Security Incident Handling Process & Escalation, including Cyber Security Incidents

7.    Security Operations Related  
a) Vulnerability & Threat Management

• Governance and oversight of vulnerability remedial action plans.
• Coordinate vulnerability assessment and/or penetration tests (including engagement, progress tracking and remedial action tracking)
• Monitor, manage and report on cyber threats.

b) Security Monitoring & Detection

• Provide 1st line monitoring for the DLP tool and conduct investigation.
• Initiate Security Incident where required.

8.    Other duties as directed.

Qualifications: 

Essential:

• University degree.
• 6 years of IT Security / IT Risk experiences in the financial service industry 
• Hold professional certification such as CISSP, CISA, CISM, CRISC or equivalent
• Office 365 Platform

Desirable:

• Microsoft Power Platform (Power BI, Power Apps, Power Automate)
• Experience with GRC tool such as Archer
• Proficient in use of SharePoint
• Good understanding of technology requirements from Asia regulators such as MAS, HKMA, RBI, and CBRC

Diversity & Inclusion

At Rabobank Asia, we:

Believe

a diverse and inclusive workplace is the foundation of our performance.

Embed

diversity in everything we do on a daily basis, whether it be our hiring, culture, development opportunities or our policies.

Value

differences in our people which is represented in terms of gender identity, age, sexual orientation, religion, ethnicity, disability, background, education, expertise or character. 

Embrace

people from all walks of life to build a strong, creative, innovative and dynamic workforce that is reflective of the diversity of our community.

Treat

everyone equally so that everyone can be themselves, and each individual feels respected and valued on the basis of who they are.

#Rabobank #RabobankAsia

• Artikel
• Artikel
• Vakgebied
• Artikel

In 5 stappen

We leren je graag beter kennen.

Stap 1

Sollicitatie

Leuk dat je solliciteert! Wij nemen alle cv's en brieven door. Na sluitingsdatum krijg je zo snel mogelijk een reactie.

Stap 2

Eerste gesprek

Je maakt online kennis met meestal je leidinggevende en een directe collega. We willen weten of je bij de functie en het team past. En jij hebt vast ook veel vragen aan ons.

Stap 3

Tweede gesprek

We willen je graag een tweede keer spreken. Bij dit online gesprek gaan we dieper in op de inhoud van de functie en spreek je vaak nog met een andere collega.

Stap 4

Aanbod

Ben jij de nieuwe collega die we zoeken en word jij ook blij van ons? Dan krijg je een goed aanbod per e-mail. Bij sommige functies moet je eerst nog een assessment doen.

Stap 5

Screening

Tijdens de screening onderzoeken we of je betrouwbaar genoeg bent om voor Rabobank te werken.

Senior Analyst, First Line Risk

Upload UploadDeze website is beschermd door reCAPTCHA en de Google Privacybeleid en Servicevoorwaarden zijn van toepassing.Verstuur je sollicitatie