Senior Associate, Specialist Security Risk Assessment, Legal Compliance

Job Purpose

The Security Risk Assessment Specialist is responsible for identifying, evaluating, and mitigating security risks across DBS Bank India Limited (DBIL) operations, including its branches, ATMs, and outsourced service providers. This role plays a critical part in safeguarding DBIL's assets, personnel, and information by ensuring robust security measures are in place and continually improved. The specialist will work collaboratively with various stakeholders to maintain a secure operating environment aligned with global best practices and regulatory requirements.

Key Roles and Responsibilities

Security Risk Assessments & Management:

• Conduct comprehensive security risk assessments of DBIL Branches to identify vulnerabilities and threats.
• Perform security risk assessments of DBIL ATMs, ensuring identified security risks are addressed by relevant parties.
• Conduct security risk assessments of premises belonging to outsourced service providers as and when required, ensuring compliance with DBS security standards.
• Lead operational risk reviews for outsourced service providers prior to their on-boarding, focusing on physical and operational security aspects.
• Publish detailed security risk assessment reports to appropriate stakeholders and ensure the timely implementation of necessary corrective actions.
• Suggest and implement effective control measures to mitigate identified security risks.
• Monitor and review the effectiveness of existing security controls and recommend enhancements based on evolving threat landscapes and business needs.
• Develop and maintain a risk register for identified security risks, tracking their status and mitigation progress.

Stakeholder Management & Collaboration:

• Collaborate effectively with various business verticals across DBIL to understand their operations and integrate security considerations into their processes.
• Manage relationships with internal and external stakeholders, including business units, IT, legal, compliance, and third-party vendors, to ensure security objectives are met.
• Represent Physical Security in relevant committees such as the Information and Operational Risk Committee (IORC) and the IT Project Review Committee (ITPRC), providing expert input on security matters.
• Facilitate communication and awareness of security policies, standards, and best practices among stakeholders.

Policy & Compliance:

• Stay abreast of global security risk assessment methodologies, industry best practices, and regulatory requirements (e.g., local regulations, global banking security standards).
• Contribute to the development and refinement of corporate security policies, standards, and guidelines.
• Ensure all security risk assessment activities are conducted in compliance with internal policies and external regulations.

Investigation & Incident Support:

• Provide security expertise and support during security incidents and investigations, contributing to root cause analysis and preventative measures.
• Participate in post-incident reviews to identify lessons learned and improve future security postures.

Training & Awareness:

• Develop and deliver security awareness training programs for employees and relevant stakeholders on security risks and their mitigation.
• Promote a strong security culture within the organization.

Qualifications and Experience

• Bachelor's degree in security management, Risk Management, Information Technology, or a related field.
• Proven experience in conducting security risk assessments, preferably within the banking or financial services industry.
• Strong understanding of physical security systems, operational security processes, and relevant security technologies.
• Familiarity with global security standards, frameworks, and regulatory requirements (e.g., ISO 27001, RBI guidelines).
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication, interpersonal, and presentation skills, with the ability to articulate complex security concepts to diverse audiences.
• Demonstrated ability to work independently and collaboratively in a fast-paced environment.
• Experience in stakeholder management and influencing outcomes.
• Proficiency in drafting comprehensive reports and documentation.