Information Risk Management Manager
Part I: General Information
Job Title : Information Risk Management Manager
Department : Legal & Compliance
Location : STC
Report to : Head of Legal & Compliance
Part II: Jobb Summary
IRM manager takes the role of oversight on Information Risk and Data Privacy Management of Shinhan Vietnam Finance in accordance with Company and Group guidance and plan. This role will work closely with IT Department to ensure safety on information and data transfer and control.
Part III: Key Accountabilities
- Take ownership and implement Information Risk, Privacy policies and related applicable law.
- Liaise with business operation to provide Information Risk and Privacy advice.
- Provide in-class training, annual Computer Based Training (CBT) and acknowledgement process, Signing of Information Security Code of Practice (ISCoP), and other required training;
- Coordinate and assure other training related to Information Risk and Privacy performed properly.
- Maintain 3rd party engagement, scenario test design and implementation of regular phishing simulation.
- Initiate activities to foster privacy awareness within company.
- Develop Company’s project, functional 3rd parties engagement to conduct risk assessment and to ensure that all privacy concerns, requirements and responsibilities are addressed.
- Review, authorize rountine and enhanced information/data access, SIT.
- Liaise with departmental operation to complete regular reports/ exercises, such as: Incident report; Sensitive Information Transfer (SIT).
- Continuously research and follow up the latest IT and cyber security challenges and technologies
- Conduct gap analysis and implement remediation plan per applicable regution change.
- Be accountability of all regulatory reports related to Information Risk and Privacy. Ensure the report timely be sent to SBV and other regulators.
- Supervise quality and timeline of workdone from team members.
- Other ah-hoc tasks assigned by Head of Legal & Compliance and CEO. Team management: Maintain quality assurance for operation of Information Risk Management.
Part IV: Job Specification / Possible Profile
Bachelor’s degree in Information Technology. Qualified any security consulting certifications (CISSP, CISA, CISM) is an advantage.
Understanding banking/consumer finance regulations and operation process.
Prior experience over 3 – 5 years in internal/ external IT audit; Risk management in banking and consumer finance is an advantage.
Excellent communication and negotiation skills.Problen solving and colabaration skills. Ability to speak and write in English at advance level.
How to apply
We can’t wait to find our next great talent! If interested, Please send your CV to Recruitment team at: firstname.lastname@example.org