Information Technology Risk Manager
About this position
The Information Technology Risk Manager is responsible for developing and maintaining IT risk policies and frameworks, ensuring proper management of IT risks, and communicating effectively with stakeholders.
Responsibilities
• Develop and maintain IT risk policies, framework, standard and guideline covering IT Risk
• Ensure that IT risk managed properly under company surrounding and IT regulation (OIC and SEC)
• Design and implement tools to identify, assess and evaluate IT risk to enable the execution of the IT risk management in alignment with the organization’s risk appetite and tolerance levels to support business objective
• Consolidate, follow up, monitor IT risk and report significant IT risk to Executive Management and Risk Management Committee to ensure the continued effectiveness of the risk management
• Observe and investigate incident to identify the risk regarding IT, point gap and provide suggestion to business functions, ensure that business functions understand impact of risk that might occur.
• Deliver communication session and awareness on IT risk and controls to IT or business stakeholders.
• Work closely with IT Security, IT auditor and business functions in order to make them understand IT risk and effective control
Requirements
• Bachelor’s degree or higher in Computer Engineering, Computer Science, IT, MIS, Finance, Business Administration or related fields
• Strong logical thinking, analytical skill, interpersonal and communication skills
• Good command in English.
• Knowledge of Risk Management/ Cyber security/ IT Compliance/ Standard (NIST,CIS Control, ISO27001,ISO31000) will be an advantage.
• Professional Risk Manager/LOMA/IT Certificate is a plus