associate director (governance, risk & Compliance)eTeam Workforce Pte Ltd

Job Description :Role: Governance, Risk & Compliance, Asia ITDesignation: Associate Director 7AThree Lines of Defense model has been adopted and is applied uniformly across Sun Life. Functional Leaders & teams from Business Groups / units, as Job Description : Role: Governance, Risk & Compliance, Asia IT Designation: Associate Director 7A Three Lines of Defense model has been adopted and is applied uniformly across Sun Life. Functional Leaders & teams from Business Groups / units, as risk owners in the First Line of Defense, are responsible for the managing the risks arising from their respective day-to-day activities & to comply with this framework. The Governance, Risk & Compliance role works closely with Asia IT & ASC teams to deliver on this commitment. The Role: This position is expected to own relationships with tactical management throughout Asia IT Technology organization, improve expertise and capability of the Risk & Compliance supporting Sun Life Asia's Technology organization. The position reports to the AVP Risk & Compliance ASC & Asia IT, and is based in Manila, Philippines. The role is responsible for leading a portfolio of complex risk assessments, reviews & management testing related to enterprise Information Technology, with an emphasis toward IT Infrastructure, information security (including emerging cyber security risks) audits and timely consulting & support to ongoing Asia IT projects. This will also include IT Application reviews, specifically focusing on system controls. The responsibilities includes execution & delivery of the defined annual IT Governance plan, providing oversight and direction for complex and technical matters, and performing series of management self-testing within the Technology Organization in Asia. This will be a people leadership role. Major accountabilities- IT Governance, Risk & Controls: SLFs' Risk Management framework sets out the over-arching framework for the management of risk across the enterprise. This role requires the implementation & embedding the program within Asia IT organization in close alignment with ES Governance, Risk & Controls team & Corporate Risk. Key component of the Operational Risk Management Framework includes working with Technology leaders (CIO, CTO etc.) to identify and assess the top inherent risks and the associated internal controls to help understand the residual risk exposure within the business. The role includes monitoring & independent testing of the day to day operating controls, escalating issues / Operational Risk Events & closely monitoring them. IT Governance & monitoring of large and heterogeneous IT Infrastructure spread in Asia (including Mainframe, distributed computing platforms, voice/ telephony; enterprise networks, storage and security management) Draw up a IT Governance Plan for each year and drive adherence to it; Reviewing & testing of Information Security: Governance; Access Administration; Incident & Vulnerability Management; Internal & External Threat Management; Security policies, standards, and management control Technology Platforms: including UNIX, VMware, Windows servers; Storage (SAN, NAS, CAS) and Middleware. Information/Database Management: Data Warehouses & Database Management systems including Sybase, Oracle, SQL, DB2/UDB and IMS. Network Technologies: network security & management; Internet/Intranet technologies; Firewalls, Routers & Switches; IDS/IPS; VOIP; Wireless; DNS. Computer Operations: Cloud Computing, Data Center, Call Center and Network Control Center processes including problem management, service level management, environmental controls, physical security, job scheduling, job entry systems, media management, backup and recovery, and capacity & performance management. Assess technology that is new to the company such as cloud computing, mobile technology and high performance computing programs, and their related support models Embed control framework to align with Enterprise Services policy, directive and practices within in Asia IT and ASC Developing, reviewing, approving and periodically refreshing policies, directives & operating guidelines stemming from corporate, regional & local requirements Drive controls & compliance agenda for significant projects, initiatives & third party relationships Manage the risks associated with a significant business disruption by establishing & governing a comprehensive Business Continuity Management Program Other Linked Responsibilities include: Drive, participate & contribute in key Risk & Compliance Committees & Board requirements for the function at a corporate, regional and market level; Given the significance, seniority and remit of the role, it requires the individual to participate in the Management Committee & leadership meetings at various levels within & outside Asia IT and ASC; Develop & comply with the SOX program including IT general controls in Asia Conduct training & awareness sessions around key program elements within scope to gain sponsorship, enhance level of understating and driving a culture in embracing risk Management & Compliance across levels of the organization Act as a relationship manager between ES NA Program leaders, audit, governance and information services management to proactively understand emerging and developing risk areas Serves as a trusted advisor to the program/project manager and assumes both execution and responsibilities of specific areas including innovation Education and experience required for the role Bachelor's Degree in CS/E&C/IT Engineering or MCA / MBA with 16-20 years of experience in IT Governance, auditing business planning and future visioning in IT Interest in technology / IT or a recognized IT audit / security (CISA, CIA, CISM, CISSP) designation, Experience working in a client-facing, matrix, project-based assignments; typically gained through prior audit, advisory, consulting, or accounting experience in a "Big Four" firm or other large organization Good understanding of concepts around COSO, COBIT In depth knowledge of IT Governance methodologies, project management and system development methodologies, control frameworks and risk management practices, & regulatory requirements Proven managerial skills with progressive experience in the leadership and professional development Core Competencies - Specialized skills and knowledge required to accomplish objectives of this role: Proven relationship management skills including a demonstrated ability to deal effectively with staff of all levels including very senior functional AVPs, VPs, SVPs & EVPs. Proven experience in planning and executing against defined deadlines to achieve assignment objectives. Multitasking and the ability to operate effectively under pressure. Strong written and verbal communication skills, with ability to both develop relationships and formerly present findings and recommendations at executive and C-level Working knowledge of financial institution processes, including those relating specifically to group functions such as Finance, Treasury, Insurance, Actuarial and Investments is an asset. Ability to quickly comprehend business processes and identify the risk implications, to analyze complex situations, to reach appropriate conclusions, and make value-added and practical recommendations Excellent influencing skills, effective stakeholder management with successful track record of working collaboratively across matrix teams About ES Asia & DBI: Asia IT organization in Asia along with its shared service centers deliver highly available and secure infrastructure and technology services. Our collaborative, high performing team of professionals provide technology oversight, delivery and support for Sun Life Asia's business initiatives. It provides the underlying infrastructure that enables service delivery and helps connect the business to the clients in Asia. In Asia Sun Life is aggressively pursuing Digital Enterprise, a multi year program which a key pillar to Asia's growth strategy. This is to transform our culture, structure, processes and technology to build a brighter future for our Clients, Advisors and Employees Asia Service Center: Located at the two top offshoring destinations, India and Philippines, ASC has been providing shared services in Operations and Technology to Sun Life businesses for more than a decade. Over the years, ASC has achieved scale and operational maturity, and has institutionalized Sun Life's global standards by integrating closely with Sun Life's corporate functions. The bulk of portfolio is in the traditional technology and operations shared services domain.
Monster

Philippines
Permanent
Full-time