This site uses cookies. To find out more, see our Cookies Policy

FVP/ VP, Information Security Risk Assessment in Singapore at UOB Group

Date Posted: 2/2/2018

Job Snapshot

  • Employee Type:
  • Location:
  • Job Type:
  • Experience:
    At least 9 year(s)
  • Date Posted:

Job Description

Functional area: T&O Policy & OA
Employment type: Full-time
Job Type: Permanent

Information Security Risk Assessment (ISRA) is a key technology process to ensure that high risk business applications and technology infrastructure components used in the bank are designed and implemented with appropriate security controls and continue to be protected throughout its lifecycle.  This role will have the following responsibilities:

Key Responsibilities:
  • Develop, drive and constantly improve security reviews to identify security risks throughout the application lifecycle covering different layers of technology architecture.
  • Work closely with colleagues from the application development teams and other skate holders to plan and execute the security risk assessments.
  • Track and review the corrective actions to remediate the security risks and deviations identified during the security risk assessment process.
  • Provide regular updates to stakeholders on the review progress and issues/risks identified during the security risk assessment process.
  • Work closely with the businesses and technology teams to ensure that information security is a priority. Provide security advice to the businesses and other technology teams to strengthen security processes and controls whenever required.
  • Perform the information security due diligence of outsourcing arrangements to ensure compliance with regulatory requirements and bank’s security requirements.
  • Establish and maintain security policies, standards, guidelines and processes.
  • Maintain awareness of security trends covering both emerging threats and technologies.
  • Evaluate new security solutions and technologies.
  • Degree in Computer Science, Computer Engineering, Software Engineering or related discipline 
  • At least 9 years of IT experience, in which over 5 years are in the domain of information security risk assessments or security architecture, preferably in a large FSI environment.
  • Good grasp of security principles and requirements for mission critical banking applications.
  • Solid application security and technology infrastructure security knowledge, including cryptography and cloud computing.
  • Familiar with the regulatory requirements related to technology risk management.
  • Good understanding of the key aspects of IT processes which includes application implementation & support, IT Infrastructure, IT audits, IT governance, and business continuity planning.
  • Proficient in calibrating risks and threat modelling.
  • Relevant certifications such as CISSP, CSSLP, CISA, SANS, Microsoft, ITIL Foundation, would be an advantage.
  • Good organization skills.
  • Strong analytical and critical thinking skills and meticulous attitude.
  • Able to work independently or in a team with minimal supervision.
  • Excellent communication, writing and presentation skills. 
  • Ability to collaborate and share knowledge within a fast-moving environment.