MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.

I'm not curious

Digibank - Lead/ Senior, Technology and Cyber Risk

Location Bengaluru, India
Posted 19-March-2021
We are Grabbing the job detail for you

We are living in dynamic times. Technology is reshaping how we live, and we want to use it to redefine how financial services are offered. Grab is the leading technology company in Southeast Asia offering everyday services to the masses. Singtel is Asias leading communications group connecting millions of consumers and enterprises to essential digital services. This is why we are coming together to unlock big dreams, and financial inclusion for people in our region is just one of them.

Get to know the Role:

Responsible for establishing and maintaining effective technology and cyber risk governance of the Digibank.

Support the Chief Information Security Officer (CISO), Digibank in planning, establishing and driving implementation of technology and cyber risk framework and relevant initiatives.

Promote and foster positive behaviour and risk culture.

The day-to-day activities:

Lead, plan and drive implementation of Technology and Cyber Risk management initiatives.

Maintain a robust Technology and Cyber Risk Management Framework and formulate associated technology risk management policies.

Facilitate and provide support to other teams in the development, conduct and validation of risk management activities including self-assessments, review of security due diligence, risk treatment plans, risk acceptances and effectiveness of their associated mitigations.

Provide effective challenges on risk assessments, risk treatment and action plans to address prevailing and emerging cyber/ technology risks.

Formulate and provide independent risk reporting on the technology and cyber risk posture.

Formulate and perform analysis of technology and cyber risk metrics for emerging risk trends, and proactively work with product and system owners to address the risk

Act as a subject matter expert in relation to technology and cyber risk management.

Conduct horizontal scanning and research on emerging risk trends, threats, and vulnerabilities on emerging technologies.

Contribute to building security guidelines and baseline, and provide remediation mentorship to developers and product owners as required.

Develop and maintain strong business and technology relationships, and act in a capacity as a trusted risk partner.

The must-haves:

Passionate in Technology and Cyber Risk Management, with minimum 10 years of experience related to technology, information security, and/or technology control functions such as audit or risk management. Experience in the Financial Services industry is an added advantage.

Possess Degree in IT or equivalent with preferably professional certifications such as CRISC, CISA, CISSP.

Solid understanding of prevailing technology and cyber risk regulatory requirements under MAS (e.g. TRMG, Cyber Hygiene Notice).

Strong demonstrated knowledge/experience in technology risk management as a practitioner and able to relate to other associated risk types (e.g. operational risks).

Good understanding of technology and cyber risk regulatory requirements across the ASEAN region.

Possess strong communication and problem-solving skills.

Self-driven with ability and energy to design and drive change.

Ideally possess at least one of the following security certifications: CREST Registered Penetration Tester, CREST Certified Web Application Tester, CREST Certified Infrastructure Tester from CREST OSCP, OSWP, OSCE, OSEE; OSWE from Offensive Security; GMOB, GPEN, GXPN, GAWN and GWAPT from SANS Institute.

Nice to-haves:

Experience in vulnerability management, patching automation and understanding of VA/PT techniques.

Experience with red/ purple teaming and bug bounty.

Understanding of source code review tools and techniques.

Knowledge of information security standards like OSCPOSCECREST is an added advantage.
Min 10 to 13 Years.

Awards & Accolades for MyTechLogy
Winner of
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url