Prudential's purpose is to be partners for every life and protectors for every future. Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion assured, for our people, customers, and partners. We provide a platform for our people to do their best work and make an impact to the business, and we support our people's career ambitions. We pledge to make Prudential a place where you can Connect, Grow, and Succeed.
Job Purpose / Mục tiêu vị trí
This role is to:
Vị trí ny giúp:
. Provide assurance and oversight on information and technology risks that might pose a threat to the business.
Đảm bảo v giám sát các rủi ro thông tin v công nghệ có thể gây ra mối đe dọa cho doanh nghiệp.
. Provide LBU management with objective analysis, detailed observations and recommendations relating to key information and technology risk areas to mitigate the spectrum of risks relating to the achievement of the LBU's business operations. Cung cấp cho ban quản lý công ty những phân tích khách quan, quan sát chi tiết v đề xuất liên quan đến các lĩnh vực rủi ro công nghệ v thông tin trọng yếu để giảm thiểu các rủi ro liên quan đến việc đạt được các hoạt động kinh doanh của LBU.
. Provide oversight and assurance within the LBU that processes, tools, and technologies are operating effectively to mitigate risks to information and technology assets.
Giám sát v đảm bảo trong công ty rằng các quy trình, công cụ v công nghệ đang hoạt động hiệu quả để giảm thiểu rủi ro đối với thông tin v ti sản công nghệ.
. Monitor and review the effectiveness of implementation of information technology, security and data protection standards, policies, and procedures within the LBU to ensure compliance with regulatory, Group, and LBU specific policy requirements Theo dõi v đánh giá hiệu quả của việc triển khai các tiêu chuẩn, chính sách v thủ tục về công nghệ thông tin, bảo mật v bảo vệ dữ liệu trong công ty để đảm bảo tuân thủ các yêu cầu chính sách cụ thể của cơ quan chức năng, của Tập đon v của công ty.
. Support LBU operational functions as required to manage risks to information and technology assets appropriately.
Hỗ trợ các chức năng vận hnh của công ty theo yêu cầu để quản lý rủi ro đối với ti sản công nghệ v thông tin một cách phù hợp
. Provide independent, objective assurance that information and technology risks are being managed to ensure they are within the risk appetite approved by the Board.
Đảm bảo tính độc lập, khách quan rằng các rủi ro thông tin v công nghệ đang được quản lý để đảm bảo những rủi ro ny nằm trong khẩu vị rủi ro đã được Hội đồng quản trị phê duyệt.
. Work closely with the Group Technology Risk Management team to roll out and ensure the effective implementation of information and technology risk frameworks, policies, processes, and other initiatives.
Phối hợp chặt chẽ với nhóm Quản lý Rủi ro Công nghệ của Tập đon để triển khai v đảm bảo triển khai hiệu quả các khuôn khổ, chính sách, quy trình v các sáng kiến khác về rủi ro công nghệ v thông tin
Job Responsibilities
IT Operational Risk Management
- Conduct IT risk governance, risk exercises following ORM framework.
- Conduct frequent deep dive review of IT Key risks, processes and investigate incidents root causes to optimize process and propose recommendations.
- Access and monitor IT Incident Management systems to support business teams and IT to control risk of IT system disruptions.
- Review, advise, train IT Risk Champion to enhance IT processes and risk controls.
- To advise, support digitalization projects/process in company.
- Others:
- Proactively look for better ways to improve the effectiveness of the risk management activities
- Other tasks to be assigned by Line Manager or Head of Technology Risk Management or Company's management (if any).
Job Accountability /
This role is:
Key responsibilities of the position include:
- Ensure the formation of LBU Technology Risk Management framework and the successful rollout and implementation within the LBU.
- Provide technical and best practice guidance on information and technology risk taking into account specific platform and regional complexities and issues.
- Support the LBU Technology Risk Management Department in ensuring periodic reporting of information and technology risk matters to LBU risk committee.
- Work closely with LBU operational risk management team in managing LBU information and technology risk.
- Ensure the formation of the information and technology risk appetite and key risk metrics for management oversight and the successful rollout within the LBU.
- Proactively monitor LBU risk register and to escalate any potential risk area for Group level risk reporting.
- Work closely with LBU ORM to review LBU risk register to ensure the risk rating, treatment plan and target completion date are able to reduce/mitigate the risk on reasonable basis.
- Promote a risk culture to LBU stakeholders in managing information and technology risk.
Job Requirements / Yêu cầu
Mandatory Qualifications
- Bachelor degree in Technology, Information systems, Data science or related subjects.
- Good awareness of Enterprise Risk Management.
- In addition to a technology degree, is appropriately certified and / or has other relevant technical certification such as Technology Risk Management, Technology Audit, IT Management, Cybersecurity, Cloud, Software Engineering or Project Management. Examples of certifications:
Risk Management: CRISC
Audit: CISA
IT Service Management: ITIL Foundation, PRINCE2, PMP
IT Architecture/Cloud/Network: Microsoft Certified Azure Solution Architecture Expert, (ISC)2 CCSK, CompTIA Cloud Essentials
Advantage:
- Known as an SME in own functional area and is often sought after for advice / consultation.
- Apart from business-as-usual work, have delivered impactful initiatives / products which has helped elevate the function (e.g., helped automate a certain manual process / delivered an automated dashboard for more efficient risk identification etc.)
- Coding background / data analytics capability (familiar with tools such as Python, SQL)
Experience
- 2-3 years and above of relevant experience. (Technology AND Risk Management/Audit experience is compulsory)
- Experience in Data analytics, Power BI.
- Candidates having experience in financial services (Banking, Insurance, etc.), Consultancy (e.g., Big-4, Accenture, etc.) in Technical Advisory, Technology Risk Management, Internal IT audit services, or Tech Companies (Digital Fintech, Digital Banks etc.) will be a plus.
- Experience in identifying, managing and reporting risk and controls in at least three or more of the following areas:
IT infrastructure management (e.g., network, platforms such as IBM, Unix, Windows, middleware, and databases)
IT operations (e.g., data centre management, backup, batch processing, incident, and problem management)
Application development and change management (SDLC)
IT project management/delivery
Third party risk management
IT Service Management
- Added advantage if candidates have experience in identifying, managing and reporting technology risks and controls in at least one or more of the following areas:
Cloud (PaaS, IaaS, and SaaS)
DevOps and / or DevSecOps
API management
Artificial intelligence
Data governance
Agile development
Mobile device management (including containerization)
Mobile application development
Knowledge and skill / Kiến thức v kỹ năng
- Good written and verbal communication (both English and Vietnamese), critical thinking skills, effective interpersonal skill and strong project management experience.
- Good skill in data analytics, Power BI.
- Ability to analyze, communicate, articulate governance, standards and framework.
- Ability to be flexible and work effectively.
- Customer services and positive mind-set.
- High sense of responsibility, integrity, and confidentiality.
Prudential is an equal opportunity employer. We provide equality of opportunity of benefits for all who apply and who perform work for our organisation irrespective of sex, race, age, ethnic origin, educational, social and cultural background, marital status, pregnancy and maternity, religion or belief, disability or part-time / fixed-term work, or any other status protected by applicable law. We encourage the same standards from our recruitment and third-party suppliers taking into account the context of grade, job and location. We also allow for reasonable adjustments to support people with individual physical or mental health requirements.
