Security Operations/Information Security Consultant

A large foreign bank is looking for a Security Operations SME/Consultant who will be responsible for assisting the department head with IT risk management for the department, acting as the IT liaison for audit requests, and coordinating across the Bank to prepare solutions.

IT Risk & Audit Functions 

  • Assist in conducting FLU IT risk management and be responsible for identifying, measuring, monitoring, managing and reporting IT risks
  • Participate in the quarterly self-assessment of in-scope risks (i.e. operational, strategic, compliance, reputation) and controls, report results, develop and track remediation efforts, and coordinate risk acceptance if needed
  • Periodically assess the key risk indicators that are required by other departments, report and escalate breaches as needed
  • Track policy exceptions, seek justification and approval for policy exceptions, and escalate limit breaches as needed
  • Perform IT Risk assessments on major business application implementation and critical business applications

Regulatory and Audit Cooperation

  • Fulfill requests from regulators and auditors
  • Prepare presentations as needed during regulator visits
  • Coordinate action plans with the Bank, and coordinate efforts in addressing regulator and audit requests and inquiries

Job requirements

  • Bachelor’s degree or above
  • 10-15 years’ experience in security operations, information security and risk management, with knowledge of computer risks and controls in banking IT environments
  • CISSP, CISM, CEH, Security+ or similar certifications are a plus
  • IT Risk management, IT risk and control assessment methodology, information security, SSAE 18 SOC1, SP800-53 standards
  • Regulatory and compliance knowledge, financial banking industry knowledge
  • IT Auditor experience preferred