Talent.com
This job offer is not available in your country.
Senior Manager, FM Technology Advisory

Senior Manager, FM Technology Advisory

Standard CharteredKuala Lumpur, Kuala Lumpur, Malaysia
15 days ago
Job description

Responsibilities

  • First point of contact for all Domain audit requests.
  • Review and assess FM audit matters; ensuring requests, actions and issues are managed and responded appropriately in timely manner.
  • Review adequacy of management response to audit findings, including proposing mitigating controls, relevant evidences.
  • Review progress and timely closure of audit findings.
  • Represent the Domain(s) as the Single Point of Contact (SPoC) on audits (internal and external) and Subject Matter Expert (SME) on the audit related matters.
  • Scope and plan thematic risk / isolated control reviews aligning with the Domain(s)’s key objectives, Group Internal Audit themes and key risk areas (may include suppliers where appropriate) including proposing treatment plans and risk ratings.
  • Manage risk assessments raised in systems (such as ServiceNow, M7 and CRISP) through periodic follow with action owners.
  • Ensure completeness and integrity of risk information captured in these systems.
  • Deliver control design for the relevant domain / process. Propose addition of or change in controls.
  • Propose changes and / or new Control indicators (KCI, KRI, KCSA, CST etc) to Portfolio Risk Leads.
  • Provide advice, drive and oversee Group wide remediations on Domain applications where applicable.
  • Manage remediation of exceptions to return to Green identified in various sources (metric, risk analysis).

Job Summary

  • Audit Management : First point of contact for all Domain audit requests.
  • Review and assess FM audit matters; ensuring requests, actions and issues are managed and responded appropriately in timely manner.
  • Review adequacy of management response to audit findings, including proposing mitigating controls, relevant evidences.
  • Review progress and timely closure of audit findings.
  • Represent the Domain(s) as the Single Point of Contact (SPoC) on audits (internal and external) and Subject Matter Expert (SME) on the audit related matters.

    • Risk Management

  • Scope and plan thematic risk / isolated control reviews aligning with the Domain(s)’s key objectives, Group Internal Audit themes and key risk areas (may include suppliers where appropriate) including proposing treatment plans and risk ratings.
  • Manage risk assessments raised in systems (such as ServiceNow, M7 and CRISP) through periodic follow with action owners.
  • Ensure completeness and integrity of risk information captured in these systems.
  • Deliver control design for the relevant domain / process. Propose addition of or change in controls.
  • Propose changes and / or new Control indicators (KCI, KRI, KCSA, CST etc) to Portfolio Risk Leads.
  • Provide advice, drive and oversee Group wide remediations on Domain applications where applicable.
  • Manage remediation of exceptions to return to Green identified in various sources (metric, risk analysis).

    • Key Responsibilities

  • Risk Forums : Support delivery of all risk forums within the Domain(s) operates within the approved Terms of Reference (ToR), including membership, agenda, and frequency.
  • Facilitation and pack production for the Domain(s) risk forums. Provide challenge to ensure robust Risk Management practice.
  • Submission of risk and control related details to relevant (Group) Risk Forums within schedule and at the required quality.
  • Participate / Input in other relevant forums as representation of Risk member for Domain.

    • Skills And Experience

  • Overall 7+ years of audit background, practical experience in engaging / managing technology audit engagement or being a member of a technology audit team.
  • At least 2-4 years’ experience in Operational Risk within technology.
  • At least 5 years’ experience in any (combination of) technology discipline.
  • In-depth understanding of IT controls required to manage Technology Risk.
  • Understanding of Technology Infrastructure / Applications / Project Lifecycle and the associated controls required through project delivery to manage and mitigate risk.
  • Knowledge of approaches, tools, techniques for recognising, anticipating, and resolving operational or process problems.
  • Confident and self-motivated leader with experience in effectively negotiating with and influencing others in a matrix environment.
  • Ability to operate across a wide range of seniority levels, Domain(s) operational divides, locations, and businesses.
  • Clear and concise verbal and written communications to different audiences; fluent English.
  • Pro-active posture and commitment to continuous improvement.
  • Good presentation skills.
  • Demonstrable analytical thinking; data analysis and reporting skills.
  • A team player who can work with people at all levels and also work independently under pressure to meet tight deadlines.

    • Nice-to-have

  • Project management experience / background, ideally with distributed teams.
  • Experience in any other risk management discipline (Credit, Market, etc.).
  • Experience working in a financial institution.

    • Qualifications

  • Tertiary qualifications in IT or Computer Science / Risk Management
  • ITIL Foundation / COBIT certified.
  • Optional but advantageous : CRISC (Certified in Risk and Information Systems Control)
  • Certification in CISA (Certified Information System Auditor) or related qualifications would be beneficial

    • Role Specific Technical Competencies

  • IT Auditing
  • Risk Management
  • Project Management
  • IT Technical (infra, hardware, software)
  • Bank Processes

    • #J-18808-Ljbffr

    Create a job alert for this search

    Senior Manager • Kuala Lumpur, Kuala Lumpur, Malaysia