Who we are
TrueMoney is a leading international Fintech brand and is part of Ascend Money, a digital financial services venture of The Charoen Pokphand Group (CP Group) and Ant Financial (Alibaba), two of the largest companies in Asia. We are now one of the largest financial life platforms in Southeast Asia, growing from just 1 market to 6 markets in a span of 2 years. We currently have significant operations in Thailand, Cambodia, Myanmar, Indonesia, Vietnam, Malaysia, and the Philippines.
We are looking for candidates who must have significant knowledge of Information Risk Management (IRM) methods and techniques and Cybercrime developments and who show leadership in identification and development of new IT security initiatives, policies and processes to mitigate threats or emerging risks.
Job description:
- Establishing and maintaining policies/minimum/guidelines regarding risk management e.g. Risk Management Policy, IT Risk Management Policy, Business Continuity Management and IT Disaster Recovery Planning Policy
- Providing effective 2nd line of defense on oversight of Technology related risk involving in assessing, in depth, the risks in IT Infrastructure, Cloud strategy, Data Management, IT Outsourcing, IT Operations, and Big Data.
- Assisting to update Ascend Money/True Money's risk appetite for approval by the board.
- Facilitating Risk and Control Self-Assessment (R&CSA) and monitoring the design and testing the operational effectiveness under Key Control Testing (KCT) and incident management of IT controls, BCP & IT-DRP and processes.
- Coordinating and supporting the Country Risk Management team for facilitating Risk and Control Self-Assessment (R&CSA), performing Key Control Testing (KCT), setting and reviewing Key Risk Indicators (KRIs) and Incident Management.
- Providing a control framework report and presentation material for committee and senior management.
- Challenge business units in implementing a secured architecture aligned with the business goals and future plans.
- Analysing IT incidents reported by staff and report lessons learned to the Head of International Risk and Fraud Management and the Committee.
- Delivering the oversight, advisory and guidance on new technology risk and emerging risk.
- Providing in-depth understanding of the technology and risk across Big Data, Cloud, Artificial Intelligence, and new technologies in the Financial Technology (FinTech) business.
- Assisting the Head of International Risk and Fraud Management to bring together a holistic picture of the technology risk across the company.
- Maintaining up-to-date in-depth industry and technical expertise in the areas of focus
- Tracking progress status with the Country Risk Management team around remediation activities to close gaps from policy compliance assessments and various other risk assessments.
- Ad-hoc assignment
Qualification:
- Bachelor's or Master's Degree in Economic, Finance, IT or related fields.
- Minimum 3-5 years or higher of professional experience in the IT Risk Management, IT Security or IT Audit with relevant experience in the Financial Services Industry.
- Strong organization, good presentation, communication, writing, interpersonal and teamwork skills.
- Demonstrated ability to details and ability to coach and supervise less experienced teammates.
- Demonstrated ability to complete assigned projects in a timely manner and in a fast-paced, high pressure environment, think out of the box.
- Multiple industry recognized certifications like CISSP, CRISC, CSSP (Cloud), CPT, ISO27001 is a plus.
- Strong analytical and quantitative skills as well as decision making skills.
- Able to work independently and work as part of a team.
- Thorough knowledge of IT governance and control frameworks
- Understanding of complex IT environments including legacy, hybrid cloud, virtualization, software defined networking.
- Good command in both oral and written in English communication.
- Able to travel in regional countries (i.e. Myanmar, Vietnam, Cambodia, Indonesia, Malaysia, the Philippines).
