- 上海, 上海市, 中国
- Morgan Stanley
See job description for details
This role for Technology Risk officer within MS Technology Risk organization is to provide risk support to the QAPM* organization. The role is part of a global team of Risk Officers who ensure technology and information risks are effectively identified, assessed, controlled, managed and reported. They provide risk management awareness through effective communication, consultation and service to the client. This opportunity will provide the individual with a chance to directly engage in regulatory responses and work with multiple teams across Asia.
The role has a reporting line to the Asia QAPM Risk Officer. The individual will be part of a larger team of risk officers regionally and globally. The individual will be expected to be involved in regional stability and change management analysis, reporting, and presentation.
*QAPM (Quality Assurance and Production Management) provides global Production Management and Quality Assurance services for Institutional Securities and Support Services applications. Support functions include Incident and Problem Management, Plant Management/Engineering, and Capacity Management. Complementing these direct support activities are cross divisional QA services, which include QA Environment Management, QA Tooling and Data Masking.
Key Roles and Responsibilities
- Coordinate regional IT audit/regulatory activities and reporting, negotiations, and responses on behalf of QAPM
- Identify, Record and Track QAPM Divisional Risks and follow-up actions
- QAPM Divisional Information Security monitoring response
- Perform advisory role for matters related to local market regulations, Firm Policy & procedures, division procedures and best practices
- Build strong relationships with Senior IT, Business, Operational Risk, Internal Audit and Compliance stakeholders across the region to drive continuous improvement on IT Risk governance processes
- Manage and deliver region specific IT Risk Management-driven changes and firm-wide remediation programs
- Ensure disaster recovery, business continuity and stress testing standards are defined, documented and conducted regularly
- Promote risk education and awareness as well as provide senior management summaries
- Communicate and ensure Asia Regional Incident/Problem/Change management requirements are met
- IT Professional with 3+ years of experience in IT Risk, Information Security or similar subject-matter
- Experience in the financial services industry; preferably in an investment bank with sales and trading, finance, operations, technology or internal audit background
- Knowledge of Software development lifecycle, change management and stability either through IT project management or developer/quality assurance/support experience
- Knowledge of ITIL best practices and practical experience
- Excel skills for analysis and PowerPoint skills for presentation
- Excellent verbal and written skill with ability to create high quality written products that are comprehensive, accurate, and tailored to the audience
- Outstanding interpersonal skills with the ability to work effectively with all levels of the organization with excellent influencing and negotiation skills.
- Strong organizational skills and an ability to manage multiple demands and changing priorities
- Strong analytic and problem solving/process improvement skills; ability to learn quickly and solve poorly defined problems
- Fluency in Mandarin (reading, written and spoken)
- Fluency in Japanese (reading, written and spoken)
- Knowledge and practical experience of the regulatory environments within Asia
- Understanding of Operational Risk and associated regulations (e.g., Basel, SOX), and the associated application to a technology division within Financial Services.
- Certifications (1 or more is desirable)
· ISACA Certification (CISA, CRISC, CISM, CGEIT);
· PMI Certification (CAPM, PMP, etc.);
· ITIL Certification (Foundation, Practitioner (General), Service Manager, Practitioner (Specialist)
Bachelor's Degree or equivalent