Compliance Manager(天津渣打内部职位,薪资福利优厚)
奥解思信息技术(上海)有限公司
- 公司规模:500-1000人
- 公司性质:外资(欧美)
- 公司行业:计算机软件
职位信息
- 发布日期:2012-08-02
- 工作地点:天津
- 招聘人数:1
- 工作经验:五年以上
- 学历要求:本科
- 语言要求:英语精通
- 职位类别:合规经理
职位描述
Scope of Role:
? Assist Head, Technical Services Support in coordinating, driving and directing effective compliance and operational risk management at the operation unit level.
? Implement controls within the operation unit to meet all regulatory and internal requirements.
? Ensure proper functioning of day-to-day controls, periodic monitoring activities and timely resolution of risk issues.
? Establishing the Company information security stance through Group policy, architecture and training processes. This will include the selection of appropriate security solution and oversight of any vulnerability audits and assessments
? Lead and manage the Static Data Unit ( Transfer to other banking ops from mid of July) and Security Administration Unit
Key Responsibilities/Challenges:
? To be the source of reference within the support unit in facilitating and promoting the understanding of OR and compliance requirement
? Lead and support implementation of OR initiatives for the operation unit.
? Pro-activity communicates with the Support Unit Head on operational risk issues. Escalate significant events to Support Unit Head
? Coordinate and consolidate Operational risk and loss reporting of the unit for the reporting to the FORC and Operation Unit Head. Ensure data accuracy and completeness.
? Design and implement control measures and monitoring plan for compliance and operational risk management. Ensure effectiveness of controls for compliance monitoring and risk management.
? Undertake and/or coordinate periodic business monitoring (self-assessment) activities within the support unit and escalate findings and or breaches to Support Unit Head when they occur.
? Ensure risks and issues identified are resolved in an appropriate and timely manner
? Assist BORM in the implementation of OR framework and other relevant OR initiatives.
? Identify gaps and arrange training on compliance and OR for staff.
? Supervising the SDU & SAS performance to meet the SLA and compliance with bank and regulatory requirements.
? Maintain the Company Information security documents (policies, standards, baselines, guidelines and procedures).
? Create and maintain the Technical Services Support Business Continuity Plan and Disaster Recovery Plan.
? Ensure the enforcement of information security documents.
? Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
? Perform regular information security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
? Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
? Comply with Group Operation Risk Management Framework and be responsible for ensuring relevant reports are accurate, complete and timely.
Selection Criteria:
Formal Education & Certification
? University degree in the field of computer science and/or 5 years equivalent work experience.
? One or more of the following certifications:
o GIAC Security Essentials Certification
o GIAC Security Leadership Certification
o ISACA Certified Information Security Manager
o Microsoft Certified Systems Engineer: Security
o (ISC)2 SCCP
o (ISC)2 CISSP
o (ISC)2 ISSAP
Knowledge & Experience
? Extensive experience in enterprise security architecture design.
? Extensive experience in enterprise security document creation.
? Experience in designing and delivering employee security awareness training.
? Experience in developing Business Continuity Plans and Disaster Recovery Plans.
? Experience in managing of staff of 5 to 15 individuals
? Strong understanding of IP, TCP/IP, and other network administration protocols.
Personal Attributes
? Proven analytical and problem-solving abilities.
? Ability to effectively prioritize and execute tasks in a high-pressure environment.
? Strong business acumen to understand business impact and risks in the Banking environment.
? Good written, oral, and interpersonal communication skills.
? Ability to conduct research into IT security issues and products as required.
? Ability to present ideas in business-friendly and user-friendly language.
? Highly self motivated and directed.
? Keen attention to detail.
? Team-oriented and skilled in working within a collaborative environment.
- Minimum 4 years of relevant working experience in J2EE development
- J2EE technology: Java, Servlet, JSP, EJB, MVC
- XML technology: XML, XSLT, Xalan, Xerces
- Javascript, HTML
- Struts Framework
- Web Server
- Application Server (Preferably Websphere)
- Database (Preferably DB2 V8)
- MQ Series (a plus)
- Actuate Reporting tool (a plus)
- Windows 2000, NT XP, AS400 (a plus)
- Good English speaking and writing skills
? Assist Head, Technical Services Support in coordinating, driving and directing effective compliance and operational risk management at the operation unit level.
? Implement controls within the operation unit to meet all regulatory and internal requirements.
? Ensure proper functioning of day-to-day controls, periodic monitoring activities and timely resolution of risk issues.
? Establishing the Company information security stance through Group policy, architecture and training processes. This will include the selection of appropriate security solution and oversight of any vulnerability audits and assessments
? Lead and manage the Static Data Unit ( Transfer to other banking ops from mid of July) and Security Administration Unit
Key Responsibilities/Challenges:
? To be the source of reference within the support unit in facilitating and promoting the understanding of OR and compliance requirement
? Lead and support implementation of OR initiatives for the operation unit.
? Pro-activity communicates with the Support Unit Head on operational risk issues. Escalate significant events to Support Unit Head
? Coordinate and consolidate Operational risk and loss reporting of the unit for the reporting to the FORC and Operation Unit Head. Ensure data accuracy and completeness.
? Design and implement control measures and monitoring plan for compliance and operational risk management. Ensure effectiveness of controls for compliance monitoring and risk management.
? Undertake and/or coordinate periodic business monitoring (self-assessment) activities within the support unit and escalate findings and or breaches to Support Unit Head when they occur.
? Ensure risks and issues identified are resolved in an appropriate and timely manner
? Assist BORM in the implementation of OR framework and other relevant OR initiatives.
? Identify gaps and arrange training on compliance and OR for staff.
? Supervising the SDU & SAS performance to meet the SLA and compliance with bank and regulatory requirements.
? Maintain the Company Information security documents (policies, standards, baselines, guidelines and procedures).
? Create and maintain the Technical Services Support Business Continuity Plan and Disaster Recovery Plan.
? Ensure the enforcement of information security documents.
? Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
? Perform regular information security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
? Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
? Comply with Group Operation Risk Management Framework and be responsible for ensuring relevant reports are accurate, complete and timely.
Selection Criteria:
Formal Education & Certification
? University degree in the field of computer science and/or 5 years equivalent work experience.
? One or more of the following certifications:
o GIAC Security Essentials Certification
o GIAC Security Leadership Certification
o ISACA Certified Information Security Manager
o Microsoft Certified Systems Engineer: Security
o (ISC)2 SCCP
o (ISC)2 CISSP
o (ISC)2 ISSAP
Knowledge & Experience
? Extensive experience in enterprise security architecture design.
? Extensive experience in enterprise security document creation.
? Experience in designing and delivering employee security awareness training.
? Experience in developing Business Continuity Plans and Disaster Recovery Plans.
? Experience in managing of staff of 5 to 15 individuals
? Strong understanding of IP, TCP/IP, and other network administration protocols.
Personal Attributes
? Proven analytical and problem-solving abilities.
? Ability to effectively prioritize and execute tasks in a high-pressure environment.
? Strong business acumen to understand business impact and risks in the Banking environment.
? Good written, oral, and interpersonal communication skills.
? Ability to conduct research into IT security issues and products as required.
? Ability to present ideas in business-friendly and user-friendly language.
? Highly self motivated and directed.
? Keen attention to detail.
? Team-oriented and skilled in working within a collaborative environment.
- Minimum 4 years of relevant working experience in J2EE development
- J2EE technology: Java, Servlet, JSP, EJB, MVC
- XML technology: XML, XSLT, Xalan, Xerces
- Javascript, HTML
- Struts Framework
- Web Server
- Application Server (Preferably Websphere)
- Database (Preferably DB2 V8)
- MQ Series (a plus)
- Actuate Reporting tool (a plus)
- Windows 2000, NT XP, AS400 (a plus)
- Good English speaking and writing skills
公司介绍
At Optimum Solutions, we are proud of being IT Partners of choice of several medium and large global organizations. Since our inception in 1997, we have grown by addressing the evolving needs to our of our customers and contributing our best towards their growth and success.
We take pride in our continued long term partnership with various medium and large sized global companies, many of who are in the list of Fortune 1000 companies. Such a long term relationship is a testimony to the value we provide through our services. Over 80 percent of our business every year is from existing relationships. Our clients span a wide range of industries, including: Banking and Finance, Manufacturing, Distribution, and Technology.
We are primarily serving our customers in the US and Singapore market. Our development centers are located both in Singapore, Shanghai and India.
We take pride in our continued long term partnership with various medium and large sized global companies, many of who are in the list of Fortune 1000 companies. Such a long term relationship is a testimony to the value we provide through our services. Over 80 percent of our business every year is from existing relationships. Our clients span a wide range of industries, including: Banking and Finance, Manufacturing, Distribution, and Technology.
We are primarily serving our customers in the US and Singapore market. Our development centers are located both in Singapore, Shanghai and India.
联系方式
- Email:Scarlett.Shi@theoptimum.cn
- 公司地址:地址:span上海市张江高科技园区郭守敬路498号浦东软件园8幢501-503室