Career
Senior Technology Risk Specialist
Risk Management
|
Permanent
Risk Management
Permanent
About Us
Do you want to be part of Thailand banking transformation? Data is the core of the new financial services era, and we are open for the opportunity to be part to drive this change at the core.
SCB DataX is a new venture of SCBx, the mothership of the financial technology business group comprising Siam Commercial Bank (SCB) and other subsidiaries, a leading financial services and digital services holdings in Thailand and ASEAN.
As part of the transformation of SCBx group of product and technology companies, under the SCBx brand, SCB DataX is the technology company to centralize data and provides AI/ML and data science services and products to the SCBX and its subsidiaries.
With a leading-edge cloud native data & AI platform, our vision is to support the group to providing everyone in our region with the opportunity to prosper.
We work on forward-thinking challenges of centralizing, analyzing and sharing information. We collaborate with companies and experts in many different domains, embrace diversity and all that while having a good laugh and joy in work.
Discover job openings on our career page. To apply, email with the role's title as the subject, attach your CV, and specify your contact information. We're eager to learn more about you.
I acknowledge that I have read and agreed to DataX's Terms and Conditions and Privacy Notice
Benefits
Other
Preferred Qualifications
Qualifications
Bachelor’s degree or higher in Information Technology, Cybersecurity, Risk Management, or a related field.
Relevant work experience at least 3 years of experience in technology risk management, with a minimum of 3 years in a any technology role. (For the senior specialist, at least 5 years of experience in technology risk management, with a minimum of 3 years in a any technology role.)
Proficiency in identifying, evaluating, and mitigating technology risks.
Knowledge of regulatory requirements such as BOT or SEC, and best practices in IT governance.
Familiarity with risk management frameworks and tools, such as NIST, ISO 27001.
Ability to effectively communicate risk-related information to stakeholders at all levels both Thai and English.
Responsibilities
Operate technology & information security (IT & IS) risks adhere to DataX and SCBX group risk management frameworks, policies, guidelines, processes and procedures, including exception mechanisms. The IT & IS related risks scope for DataX organization and every service which DataX provides to SCBX group companies.
Collaborate closely with the SCBX Technology Risk team to ensure that the implementation of technology risk management policies, standards, and processes is fully aligned with the group’s strategic direction and governance approach.
Work closely with stakeholders across the organization, 1LoD and 2LoD:
Assist and monitor them to identify potential IT & IS risks, assess impacts, by applying technology risk management tools.
Ensure the effectiveness of risk mitigation, tailored to the business needs and operations, which should be done in a timely manner.
Continuous monitoring risk mitigation or any treatment strategies such as exemption or acceptance.
Assess the effectiveness of IT & IS controls. Implement continuous monitoring of the controls.
Ensure all technology risk activities are conducted in the GRC tool as centralized repository.
Oversight technology incidents, analyze the root cause, challenge and monitor the action plans.
Regular report technology risk indicators and incidents, for effectiveness of risk measurement and early warning for technology risk trends.
Regularly review the risk register to ensure it covers every area in technology risk taxonomy. Addition to address new and evolving threats and risks.
Work closely with project owners to perform effectiveness of IT Project Risk management. Assist stakeholders in validating risk assessments, which comprise analyzing, identifying, describing, and quantifying risks that impact all business risks.
Work with procurement and related functions to enforce IT & IS requirements into third party evaluation process and operate to ensure the effectiveness of IT third party risk management process.
Incorporate IT & IS risk awareness into new hire orientation, annual training, and other events.
Join the related meetings if need, such as Change Advisory Board (CAB) and/or Technology Steering Committee (TSC).
About Team & Role
At DataX, we recognize the critical role that effective risk management plays in our operations. DataX Risk Management division is responsible for data governance, privacy, security, technology risk, operational risk, model risk, business continuity, legal and compliance. We are tasked with development and execution of risk management strategies and ensuring the integrity of our processes and the safeguarding our organization. This role sits within IT & IS Risk of the Risk Management division.
As a dynamic and innovative AI/ML startup operating in the fintech industry, we are seeking a motivated and skilled Technology Risk Senior Specialist/ Specialist to join our team. This role offers an exciting opportunity to contribute in design and development of our risk management processes in a fast-paced environment.
In this role, you will be exposed to new ways of working, new risk management techniques, complex business model, and a collegial working environment. This role reports to DataX Chief Risk Officer (CRO).