永州雷棺物联网科技有限公司

 Responsibilities:

 

• Provide support, coordination, reporting and advisory on technology risk governance related areas

• Risk and Controls Self-Assessment

• IT General Controls (ITGC) Control Testing

• Extend the support to internal and external audits

• Daily governance related activities

• Manage technology risk and ensure the organization is adhered to the information security policies and standards, identify the gaps and coordinate with related parties to remediate them

• Partner with IT teams and Group functions to support the Tech Risk initiatives

• Proactively and act as a focal point for Business Units and Group functions to identify technology risk, ensure right controls are in place and report on deficiencies related to control design and operating effectiveness

• Validate issues identified and provide oversight of the response plans

• Support and maintain the Information Security policy and standards and the Risk and controls library

• Support and coordinate third party security risk assessments for Group functions

• Maintain department operating procedures

 

 

 

Requirements:

 

Experience

• At least 3 years of relevant experience, preferred to be gained from financial services industries

• Prior experience in Technology Risk Management or related discipline

• Experience in governance activities: audit support, management reporting

• Risk management for 3rd party vendors

• Relevant experience with NIST, ISO27001, ITGC or other industry related standards preferred

 

Education & Certification

• Degree holder in Computer Science or related discipline

• Information Security related certifications desirable e.g. Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified in Risk & Information Systems Control (CRISC)

 

Special skills

• Good communication and interpersonal skills to build strong relationships with stakeholders at multiple levels of seniority

• Good reporting, organization skills and attention to details

• Self‐starter and good time management

• Proficient in both spoken and written English

友邦資訊科技(廣州)有限公司由友邦保險有限公司獨資興辦。公司宗旨是為友邦保險集團屬下全球的業(yè)務單位提供軟件開發(fā)、維護、管理及業(yè)務外包等服務。

公司秉承以客戶為中心的服務理念，不懈地進行有效的持續(xù)改進工程，務求成為友邦保險集團內一流的信息技術和企業(yè)營運中心,為客戶提供高素質的服務和解決方案。公司的業(yè)務主要包括：開發(fā)及維護保險軟件及辦公室自動化、商務外包服務、架構支持（包括數據中心服務）、產品及工具開發(fā)。