Job
Description
As a Digital Program Specialist in IT Risk and Program Management at the Asian Infrastructure Investment Bank (AIIB) in Beijing, China, you will play a crucial role in managing the Banks IT supply chain risks, IT outsourcing, third-party security, cloud services, and embargo and sanction risks related to IT vendors and products. Your responsibilities will include: - Conducting IT security and risk due diligence on vendors and third parties during the corporate procurement stages. - Collaborating with corporate procurement, legal, compliance, and IT teams to ensure vendors security risks and embargo and sanction risks are assessed. - Leading the Third-Party Security Assessments (TPSA) program to evaluate, mitigate, and monitor security risks associated with IT vendors and suppliers, including outsourcing supplier, cloud service providers, open-source technologies, and product security. - Coordinating IT outsourcing management activities to ensure alignment with the Banks outsourcing management requirements. - Supporting the Team Lead of IT Risk, Resilience and Cyber Security in overseeing the Responsible AI Governance framework, policies, and standards. - Conducting ongoing risk assessments of AI use cases and systems, and implementing tailored oversight and risk controls based on use case criticality and AI maturity. - Coordinating with various IT and business teams to support IT security and risk initiatives, ensuring alignment with bank requirements and industry best practices. - Tracking, analyzing, and reporting on the effectiveness of IT security and risk programs using key metrics and data insights. - Supporting internal and external IT audits, ICFR control testing, risk control assessment, etc. - Managing vendors, including procurement, contracting, performance management, etc. Qualifications required for this role include: - Bachelor's degree in computer science, information security, data science, risk management, or a related discipline. Master's degree would be a plus. - 5-8 years of relevant working experience in IT risk and program management and relevant fields, preferably with financial institutions. - Hands-on experience conducting due diligence and third-party security risk assessments. - Strong knowledge of IT outsourcing risk, cloud risk, AI risk, embargo and sanction risk. - Familiarity with cloud security principles and cloud-native security solutions on Azure and AWS. - Strong understanding of information security, AI, and privacy standards, frameworks, and compliance requirements. - Certifications such as CISSP, CISM, CRISC, PMP, and ISO 27001 Auditor would be an advantage. - Strong business acumen and the ability to balance technical security needs with business priorities. - Ability to work effectively in a multicultural organization. - Excellent written and oral English language skills. - Strong data analysis, reporting, writing, and communication skills, with the ability to interpret complex data and prepare clear, actionable reports and insights for executive-level stakeholders. - Excellent project management skills and attention to detail. Join AIIB to contribute to creating a prosperous and sustainable Asia while advancing your career in a diverse and innovative environment.,
