Develop and maintain IT risk policies, frameworks, standards and guidelines covering IT risk
Ensure that IT risk is managed properly within the company environment and under IT regulations (OIC and SEC)
Design and implement tools to identify, assess and evaluate IT risk, enabling IT risk management to be executed in alignment with the organization's risk appetite and tolerance levels and in support of business objectives
Consolidate, follow up on and monitor IT risk, and report significant IT risks to Executive Management and the Risk Management Committee to ensure the continued effectiveness of risk management
Observe and investigate incidents to identify IT-related risks, point out gaps and provide suggestions to business functions, and ensure that business functions understand the impact of risks that might occur.
Deliver communication and awareness sessions on IT risk and controls to IT or business stakeholders.
Work closely with IT Security, IT auditors and business functions to help them understand IT risk and effective controls
Qualifications
Bachelor's degree or higher in Computer Engineering, Computer Science, IT, MIS, Finance, Business Administration or related fields
Strong logical thinking, analytical, interpersonal and communication skills
Good command of English.
Knowledge of risk management, cybersecurity, IT compliance or standards (NIST, CIS Controls, ISO 27001, ISO 31000) will be an advantage.
Professional Risk Manager/LOMA/IT Certificate is a plus