Delivering and operating the objectives of China IT risk management framework, engaging the local stakeholder in execution/testing/assessments and collection of risk information for metrics reporting. Analyze key risk indicators and identify/escalate key risk issues and themes for management. Coordinates and supports the firms Risk Control Self-Assessment program. Identify new/horizon risks and engage stakeholders and our global team in determining the required adjustment to China risk landscape.
Sound knowledge of China financial market laws and regulations impacting technology risk management processes including technology governance, information security, business continuity planning, systems development, project management and supplier management.
Sound understanding of risk assessment methodologies, internal controls and industry technology risk management frameworks such as ITIL, CobiT, and ISO 27001. Industry Certification such as ISACA CISA, CISM, CRISC and CGEIT.
Strong analytical skills required to enable independent research and accurate assessments of inherent risk, control strength and residual risk of each legal entity in China.
Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented.
Outstanding communication and interpersonal skills. Ability to work effectively with all levels of the organization. Excellent influencing and negotiation skills. Fluent English is essential for this position.
Technology audit background in a highly complex financial institution.