Korea GRC Manager
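Job category: IT
Experience: 8 years or more
Employment type: Regular (full-time)
Location: LINA Tower, 48 Sambong-ro, Jongno-gu, Seoul, Republic of Korea
Application deadline: December 10, 2024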

📝 Chubb has strongly centralized IT governance that requires periodic self-assessment, audit, and remediation. In addition, Korea has strict local security regulations for financial companies, which require autonomous security operations, including an independent internal IT compliance audit practice. Because Korea has a greater number of IT assets and third-party vendors to manage than other countries, a dedicated GRC manager is needed to support Asia Pacific Technology Governance, Risk and Compliance (APAC Tech GRC) by ensuring that COGK adheres to regulations and industry standards, as well as internal Chubb Technology & Information Security standards and controls, through the following roles and responsibilities:



Job Description

  • Governance & Oversight
      • Support Asia Pacific’s current Technology controls (based on NIST, SOX, PCI, ISO27001 and Internal Technology security standards) as well as regulatory Technology Compliance for countries that Chubb operates in.
      • Support the Global Information Security and Global Technology Compliance teams in all future initiatives and projects.
      • Assist in collating and preparing reports to Chubb senior management regarding adherence to Chubb’s minimum technology security controls, IT risks, IT audit findings, and remediation plans.

  • Control Framework
      • Assist in conducting periodic Technology Compliance assessments to identify deficiencies and provide guidance on current industry best practices
      • Produce, document, maintain and review IT policies and internal controls at various levels of the organization in relation to the Technology standards and controls
      • Assist in updating and maintaining Chubb’s IT Control Library with regard to changes in the APAC countries’ regulatory environment

  • Technology Control Monitoring and Testing
      • Facilitate and conduct Self Assessments across all APAC countries and work with them to proactively identify and remediate control gaps
      • Report on the remediation activities (Management Action Plans) to ensure issues and risks are mitigated in a timely manner

  • Support Technology Compliance Initiatives
      • Support Technology Compliance certification activities throughout all APAC countries (such as SOC2, ISO27001)
      • Work with Internal Audit to maximize the efficiency of the second and third lines of defense
      • Support local IT teams in dealing with internal and external auditors and regulators, and assist teams in answering audit queries


Qualifications

  • At least 5 years of relevant experience in IT Governance, Risk Management, and Compliance
  • Proficient in verbal and written English communication
  • Experience working in an MNC or a complex IT environment



Hiring Process

• Document review > First interview > Final interview > Joining
