Reporting to the Head - Risk Management, the incumbent will be responsible to establish and maintain the IT Risk Framework and its associated controls and reporting. He/ She will develop/ promote the control of the IT related Risk management and Information Security activities undertaken. This would include participation in the creation of policies and the execution of process undertaken to ensure compliance with these policies. The IT Risk Manager supports the Head of Risk Management to maintain and improve the IT related risk management activities.
- Maintain and Enforce the System Risk management and Information Security Risk management framework/ methodology/ Policies & Standards.
- Improve and promote the System Risk and Information Security Risk related activities.
- Organize, conduct and perform System Risk and Information Security Risk assessment and gap analysis process.
- Identify key Risks unique to mobile/ digital solutions of the Bank.
- Organize and perform the System Risk assessment and gap analysis of various IT related projects.
- Document and confirm compliance with the Information Security requirement for System Development Life Cycle.
- Monitor compliance with the Security Standards, Policy and Architecture.
- Perform all other duties as assigned by the Management.
- Identify all key implementation/ operational readiness, oversight and technology (IT and IS) Risks.
- Identify principle Key Risk Indicators for the same.
- Recommend monitoring methodologies opposite these key Risks for ongoing assessment purposes.
- Recommend third party vendor Risk assessment tools and best practices.
- Must have good knowledge of applicable Risk Management practices required to create a culture of Risk Management compliance for his or her area.
- Identify, assess and monitor applicable Risks based on Risk Management policies and procedures.
- Exhibits best practice Risk management skills through effective internal Risk controls, Risk monitoring, Risk assessment and improvement of Risk management processes.
The ideal candidate must have:
- Minimum Bachelor's degree or equivalent. Professional qualification/ certification in Risk & Information Systems Controls is a must.
- More than 5 years' experience in IT Risk management and/or IT Audit related activities of the financial industry, preferably in Mobile/ Digital Environment.
- Sound Project Management Skills.
- Good communication skills on a business level.
- Good interpersonal & People Management skills
Equal Opportunity employer and Females are encouraged to apply.