Search by job, company or skills

Techcombank (TCB)

Senior Expert, Technology Risk Management

Techcombank (TCB)
Hanoi, Vietnam
10-12 Years
new job description bg glownew job description bg glownew job description bg svg
  • Posted 8 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Job Purpose

1. Develop and maintain technology risk management framework, policies, procedures, guidelines

- Develop principles and methodologies for technology risk management, establishing technology risk limit, key risk indicators ... according to international practices, legal regulations, and internal governance requirements

- Standardize risk management activities including identifying, assessing, responding and monitoring technology and information security risks following industry best practice and international standards (NIST, ISO, COBIT ...)

- Develop technology & information security threat/ vulnerability/ scenario/ control catalogs

- Consult relevant units to develop BCP/DRP in bank wide level.

2. Develop technology risk management capabilities and improve bank wide technology & information security risk awareness and culture

3. Develop strategies, roadmap and action plans for TDRM

Key Accountabilities (1)

Establish and maintain the technology risk management framework

- Develop technology risk management framework, methodologies, regulations, policies, standards, procedures, guidelines.

- Enhance risk taxonomies, governance policies and operating models collaborating with ORM based on investigation findings to enhance robustness of existing risk mechanism

- Establish and allocate technology risk limits, key risk indicators (KORI) according to international practices, legal regulations, and internal governance requirements

- Periodic review & update technology risk strategies/ roadmap/ action plans, technology risk management framework

Key Accountabilities (2)

Assess technology risks, consult to develop mitigation solutions and monitor

- Review and approve technology risks in technology strategy, technology platforms, technology and business processes under the authority as prescribed

- Consult to develop solutions and methods to effectively mitigate and manage technology risk based on technology risk management framework, ensuring comprehensive risk management implementation

- Technical control assurance based on internal policies, government law and regulations, international security standards

- Independent investigate cybersecurity/ technology risk events or digital platform risks; analyzing root causes, proposing solutions/actions to mitigate and manage risks

Key Accountabilities (3)

Develop technology risk management capabilities, improve bank wide technology risk awareness and culture

- Research on emering technologies applying in banking operations to provide subject matter advices in managing emerging risks

- Build & implement technology risk management capabilities (i.e. competencies standard, training, upskilling, coaching and communication) to enhance bank's capability in managing technology risks in bank wide level

- Support other units to conduct training and communication to improve bank-wide technology risks awareness and culture

Success Profile - Qualification and Experiences

Experience

- At least 10 years of relevant work experience in IT field, including at least 4 years of IT risk management (1st or 2nd line of defence) experience

- Have experience in developing IT risk governance & management framework, risk management policies, procedures and guidelines.

- Have experience in IT infrastructure operation/ IT Architecture/ Cybersecurity operation/ DevSecOps/ Cloud Computing

- Have experience in IT Audit, IT compliance & assurance

- Have experience in developing IT risk management capabilities to enhance bank's capability in managing technology risks

Expertise

- Extensive knowlegde IT & cybersecurity risk management framework (COBIT, ITIL, ISO, NIST ...), internal information security laws & regulations (Circular 09/2020-NHNN, Circular 50/2024-NHNN, Cybersecurity Law, Personal Data Protection Law ...), and international information security standards (SWIFT CSP, PCI DSS, CIS ...)

- Deep knowledge in at least 2 of the following areas: IT infrastructure operation/ IT Architecture/ Cybersecurity operation/ DevSecOps/ Cloud computing

- Good knowledge of emerging technologies such as GenAI, Blockchain, Quantium technology, etc.

Qualifications

- Having a university degree or higher on Information Technology, Information System, Computer Science, Electronics & Telecommunications, Information Security or equivalent...

- English: TOEIC 650 or equivalent

- Professional certifications in IT Risk, IT Security: CISA/CISSP/CRISC/CISM/COBIT/ITIL ...

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
It Risk Management
Employment Type:
Full time

About Company

Techcombank (TCB)

Job ID: 143845375

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 03-03-2026 08:02:05 PM
Homejobs in HanoiSenior Expert, Technology Risk Management

Similar Jobs

Expert, Technology Risk Management

Techcombank (TCB)