China Technology Risk Officer

  • Competitive
  • 上海, 上海市, 中国
  • 未指明
  • Morgan Stanley
  • 2017-06-22

See job description for details

Job Specification

The Asia Technology Department is seeking an experienced Technology Risk professional to join the Technology Information Risk team in China.

The mission of the Technology Information Risk division is to enable the Firm to manage its technology and information related risks through implementing proactive, comprehensive and consistent risk management practices across the Firm to protect the franchise while capturing business opportunities. The China Technology Risk Officer role is a leading member of the team to carry out the Firm's global risk governance agenda across all business entities in China. This role will also drive project initiatives to develop new processes to fulfill regulatory technology risk requirements.

The primary focus of this role is to:
- Help develop, operationalize and support programs in the Technology Risk Management area. This requires working with regional Technology Risk counterparts, Technology groups, and China non-Technology groups like Compliance, Supplier Risk Management, Operational Risk and Internal Audit
- Help legal entity risk officers to maintain the legal entity technology policies/standards in alignment with both firm?s objective, and regulatory expectations
- Provide centralized co-ordination and support during technology related internal/external audit and regulatory examination in China.
- Help identify Technology related risks and subsequently monitor, track and manage remediation actions. Areas and examples for these analyses include vendor and supplier related risks, stability and incidents etc.
- Participate in various China Technology Governance Committee meeting to provide technology risk updates


University Degree
Industry Certification such as CISA, CISSP, CISM, CRISC

Skills / Experience Required:
- Strong familiarity with Technology Risk Management concepts and regulatory environment in financial firms, experience in China is preferred
- Previous IT risk control or audit experience
- Strong understanding of financial industry businesses and how they leverage technology
- Thorough knowledge of regulatory requirements and Technology risk management processes including Technology governance, information security, business continuity planning, systems development, project management, and supplier management
- Strong analytical skills required to enable independent research and accurate assessments of risk management process effectiveness and adherence to regulatory requirements.
- Outstanding verbal and written communication skills and both Chinese (Putonghua) and English.
- Excellent interpersonal skills Ability to work effectively with all levels of the organization.
- Excellent influencing and negotiation skills
- Ability to draft high quality written products that are comprehensive, accurate, and tailored to the audience
- Strong organizational skills and an ability to manage multiple demands and changing priorities. Detail oriented
- Willingness to travel domestically and occasionally internationally
- 7+ years of relevant Technology Risk, IT Security and Information Security experience