Vice President, Information Security Risk Analyst

  • Competitive
  • Singapore
  • Permanent, Full time
  • Bank Of America / Merrill Lynch
  • 20 Aug 17

Vice President, Information Security Risk Analyst

Job Description:
About Bank of America Merrill Lynch:
Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 40 countries. In the U.S alone, we serve almost all Fortune 500 companies and approximately 59 million consumers and small-business customers. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.
Connecting Asia Pacific to the World
Our Asia Pacific team is spread across 23 offices in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region's leading financial services companies.
Bank of America Merrill Lynch is committed to attracting, recruiting and retaining top diverse talent from across the globe. Our diversity and inclusion mission is to actively promote an inclusive work environment where all employees have the opportunity to achieve personal success and contribute to the growth of our business. Each of our global Employee Networks bring together employees, create dialogue and awareness in support of our Diversity and Inclusion.

Key Responsibilities
This position will be a member of the Global Information Security team, covering the region (12 Countries) and will play a key role in managing the information security risk portfolio (as per GT&O risk management framework) for Global Information Security in APAC, including regulatory compliance and quality assurance areas. Delivery of services involves strong working partnerships and close coordination with Subject Matter Experts and business stakeholders at various levels in the Organization.

Key Requirements

  • At least 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations;
  • Facilitate identification of cybersecurity risks through partnerships & close coordination with various groups (SMEs, Team Leads, Risk, Compliance partners) within Global Information Security and external risk partners.
  • Good understanding of information security risks in financial services or an equivalent regulated industry.
    Strong analytical skills/problem solving/conceptual thinking and business acumen to understand the risk impact and severity of discovered vulnerabilities on the overall information security portfolio.
  • Engages with Business Information Security Officers to understand the needs of the lines of business and risks/issues affecting the lines of business. Excellent Communication & Articulation skills with a varied set of business stakeholders.
  • Good understanding of regulatory requirements in APAC impacting cybersecurity in the Financial services space.
  • Improve/develop Quality assurance activities within the regional control areas to ensure appropriate focus on risk reduction within defined timelines.
  • Supports execution of risk deliverables and participates in regional and global risk management routines.
    Understanding of ISO 27001 / NIST Cybersecurity / OWASP / IT Governance frameworks
Desired Job Skills
  • Bachelors' and/ or Master's degree
  • At least one professional certification - CISSP, CISM, CISA,CRISC or risk management certificate(operational risk/enterprise risk)
  • Experience with cyber security risk frameworks
  • Previous knowledge of and experience engaging in critical application/ infrastructure /Third Party protection processes
  • Demonstrated ability to multi-task in a matrixed reporting environment
  • Strong analytic skills and fact-based decision making\
  • Proven ability to communicate complex information in simple terms (oral and written)
  • Strong organization skills with the ability to prioritize requests and workload accordingly
  • Influence horizontally and vertically across the organization and diverse audiences

Posting Date: 17/07/2017
Location: SG--Singapore

Full / Part-time: Full time
Hours Per Week: 40