Senior IT Risk Officer (Ascend Money)

location_on Bangkok

About the role

We seek person in IT risk, Operational risk, who can work with a cross-functional team of technical and non-technical i.e., Security, procurement, IT, finance, Compliance and legal to help develop our third-party vendor risk evaluation process to effectively aggregate risk of vendors (Third-party vendors) starting from selection and on-going program.


  • Implement Third party – Vendors management policy and ensure that all activities and efforts are consistent with company policies, guidelines and in alignment with regulatory guidance
  • Design policies and procedures that support the successful implementation 
  • Recommendations to related team on opportunities for risk mitigation based on established risk tolerance.
  • Establish questionnaire, checklist, and risk score for vendors evaluation process
  • Partner with co-workers to coordinate the implementation of third-party controls and mitigation plan
  • Perform on-going review based on Third party risk factors i.e., risk level, performance, complaints & issues
  • Facilitate the assessment of new and review existing third-party inherent risk, using questionnaires to collect and document risk ratings
  • Review completed risk assessments and confirmed completion of due diligence prior to agreement signature
  • Responsible for adhering to third-party risk metrics supporting completeness, accuracy, and timeliness of third-party risk activities
  • Assists with gathering data and providing information during Internal Audit Reviews and Regulatory Examinations
  • Support the design and implementation of third-party risk operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks
  • Drive continued operational and automation improvements to improve operational efficiency.
  • Support ad-hoc data analysis 


  • 3-5 years of Risk Management or Third -party Management experience in banking, payment company or a related industry.
  • Bachelor’s degree in Management Information Systems, Computer Science, or related field.
  • Knowledge skill: IT/Security standard, ISO standard, Risk management, third-party Management, business risk analysis and making complex business/risk trade-off recommendations and decisions
  • Experience developing and refining technical and business operational processes.
  • Ability to communicate clearly with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
  • Effectively manage multiple projects and priorities in a fast-paced, deadline-driven environment.
  • Works effectively as an individual and part of a team.
  • Strategic thinking with the ability to see/understand the big picture.
  • Track record for being detail-oriented with a demonstrated ability to self-motivate and follow-through on projects.
  • Ability to solve problems and bring clarity to ambiguous situations.
  • Analytical and quantitative skills to use hard data and metrics to back up assumptions and develop business cases.