IT & IS Risk Manager (PH/SG)

Capital Region, Iceland
Posted on Thursday, March 30, 2023
Join the Pioneer Crypto Brand in the Philippines!
Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.
Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

What you'll do

  • Develops and/or reviews IT / IS risk management framework, policies and protocols.
  • Perform and monitor risk assessments exercises, which comprise analyzing, identifying, measuring, and mitigating risks that impact all key business processes and systems.
  • Coordinate and execute IT /IS risk assessments and reviews, providing risk-based recommendation.
  • Prepare risk management and business contingency plans to develop a business continuity plan that will help to decrease risk factors.
  • Develop and maintain good communication channels with other risk partners, such as Operational Risk Management, Outsourcing Risk Management, etc.
  • Creates and presents IT / IS risk reports and proposals to the Head of Risk Management and Head of GRC, executive leadership, and senior staff.
  • Oversees and reviews the insurance policies of the company related to IT / IS.
  • Help raise risk awareness, provide education and training to employees inside the organization.
  • Create and maintain an external network with other senior IT risk managers, and relevant risk forums.
  • Maintain awareness of changes in IT industry standards, best practices, and risk landscape to maintain professional competence

What we expect from you

  • Must have analytical capabilities to analyze and detect prospective risks and vulnerabilities
  • Must have excellent written and verbal communication skills with other IT risk management professionals to properly appreciate the company’s key risks and create effective risk management solutions
  • Must have a thorough understanding of IT systems, networks and infrastructure components and a working knowledge of numerous computer programming languages
  • Must possess leadership abilities to motivate and manage their teams. If a threat happens, offer employees support, make suggestions, and manage the potential risk
  • Able to solve technical problems analytically and successfully manage information collection, analysis, reports, and other tasks. The IT Risk Manager must have outstanding problem-solving skills
  • Must be familiar with applicable banking regulations

Required Qualification

  • Bachelor’s degree in Accountancy /Finance/ Computer Science/ Information Systems or related field
  • Over 5 years work experience in IT risk management, compliance, audit or other relevant experience (e.g., IT Governance/ Information Security/ IT Compliance)
  • Experience with non-IT process reviews and/or integrated audits with data analytics application
  • Strong working knowledge on the following IT-related processes: a) IT General Controls; b) Cyber/ Information Security and Data Privacy; c) IT Operations; d) IT Governance and risk management process; e) Business Continuity Management; f) Systems Development Life Cycle; g) Change Management; h) IT Application Controls
  • Familiarity with IT control frameworks and standards such as COBIT, ITIL, NIST-CSF, and ISO 27001
  • Demonstrated success in identifying IT and security risks in complex technology environment and providing recommendations on controls/processes to mitigate the risks.
  • Well-developed organization and project management skills with proven ability to effectively manage time, prioritize, and handle multiple concurrent tasks
  • Good written and verbal communication skills, ability to communicate from process owners to senior management

Preferred Qualifications

  • With professional certification in IT audit, IT risk and governance, and information security (e.g. CRM/ISO 31000/CISA/ CISSP/ COBIT5/ ISO 27001 Lead Auditor/ CRISC)
  • Experience in performing reviews or audits of AWS cloud security- and operations-related services.
  • Familiarity with CI/CD process and related tools
  • Familiarity with AWS Elastic Kubernetes Services and related integrations to AWS
  • Working knowledge of SOC1, SOC2 and/or data privacy reviews
  • Experience in development, integration, and application of data analytics in audit methodology
Join the Coins Team Now!
Meaningful Collaborations - The successful candidate will work cross-functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience.
Scalable Growth - Be part of a fast-growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement.
A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes! Coins culture welcomes new ideas backed up by data to create an impact.