The role participates in key projects and initiatives ensuring information risk is always considered and managed appropriately.

• Responsible for the Asia IS risk assessments of new and existing vendors in Japan and working with Category Managers in Procurement, BU contacts and contract owners, BU security officers and business continuity analysts.
• Perform on site visits of vendors as required.
• Assist in the development, maintenance, and implementation of information risk policies and procedures as well as the monitoring processes and measures to enforce those policies.
• Contribute to the development of IS risk processes that support Global Information Risk Management objectives.
• Perform contract reviews working with Legal as appropriate
• Develop reporting and insights to be used by executives, risk organization (Operational, Information, and Enterprise Risk Management), technology teams, and other key stakeholders.
• Build relationships with other teams, Audit Services, Global Information Risk Management, BCM, Compliance, Operational Risk Management, and other risk and control groups to develop integrated strategies to manage key areas of risk.
• Assist and actively participate in the team’s plans to achieve goals
• Participate in frameworks used to measure & report on progress towards the achievement of those goals., providing the utmost transparency.
• Be part of an active team who remains current on emerging risks and technologies, key developments and strategies for the businesses you support. Keep abreast of new thoughts, tools and approaches.
• Participate in key projects and initiatives ensuring information risk is always considered and managed.
• Subject matter expert who assists business partners and IT colleagues to identify, quantify then manage their information security risks.

• Bachelor’s degree in related field
• 10 to 15 years of relevant work experience,
• CISA or CRISC certifications
• Strong vendor management skills
• Leadership skills managing teams across the region
• Working knowledge of financial services and technology operation
• Ability to present to and work with all levels of management
• Ability to manage high visibility and high risk consequences
• Proven experience in technology audit, risk and/or compliance
• Effective communication, presentation, negotiation and influencing skills.
• Proven ability to quickly and easily adapt to changes within the business and organization.
• Recommends risk management approaches to business that balance business needs with known risk tolerances
• Able to explain and bring business specific context to key IRM principles
• Understands constraints that impact specific operations and decisions in their immediate area, business and/or division
• Communicates in a manner that is easily understood and actionable
• Is a powerful influence in a team environment
• Understands project management, gating processes and project planning
• Can independently manage work modules within a larger project plan or work breakdown schedule
• Provides and exhibits an expert understanding of specific technical concepts and solutions