This site uses cookies. To find out more, see our Cookies Policy

VP, Information Security Risk Assessment in Singapore at UOB Group

Date Posted: 12/3/2018

Job Snapshot

Job Description

Functional area: Business Technology Services
Employment type: Full-time
Job Type: Permanent

Information Security Risk Assessment (ISRA) is the key technology control process in the bank to ensure the IT systems used in the bank are designed with appropriate security protections and continue to be protected along with its lifecycle. This role will lead the ISRA section with following responsibilities:

Key Responsibilities:
  • Team lead of information security risk assessment section with focus on project security risk assessment and application security area.
  • Develop, drive and constantly improve security review processes to identify the risk throughout the lifecycle covering different layers of technology architecture.
  • Lead the risk assessment, tracking and periodical review of the deviations identified during the ISRA.
  • Review individual projects as well as to assess overall security posture holistically. Work closely with business to ensure security is a priority.
  • Provide regular update to stakeholders about the risk identified during the ISRA process.
  • As security SME, with the support from ISRA team, provide advisory to rest of IT teams to strengthen security controls.
  • Maintain awareness of security trends covering both new threats and technologies in order to understand the risk and better safe guard the organization.
  • Establish and maintain technical security guideline/standards.
  • Evaluate security solutions/processes.
  • Manage the security review team. Maintain a good team work. Review the performance and guide the staff career development. 
Requirements:
  • Degree in Computer Science, Computer Engineering, Software Engineering or related discipline
  • At least 12 years of IT experience, in which over 6 years are in the capacity of information security risk assessment or security architecture, preferably in a large BFSI environment.
  • Deep understanding of most of security technology domains.
  • Solid application security know-how, preferably banking applications.
  • Familiar with the regulator requirement related to the information security areas.
  • Good understanding of the key aspects of IT which includes strategic planning, application implementation & support, IT Infrastructure, Vendor & Contract Management, IT audit, IT governance, Risk management and business continuity planning.
  • Proficient in risk management concept and practices.
  • Keep up-to-date knowledge of security trends.
  • Ability to lead change, and to adapt quickly to changing priorities.
  • Ability to identify and improve on work & process inefficiencies.
  • Relevant certification such as CISSP, CSSLP, CISA, SANS, Microsoft, ITIL Foundation, would be advantages.
  • Good organization skill.
  • Good leadership skill.
  • Strong analytical and critical thinking skills and meticulous attitude.
  • Able to work independently or in a team with minimal supervision.
  • Excellent communication, writing and presentation skill.