Job description
Develop, embed, maintain and implement IT Risk Management framework, policies and procedures for EBC.
Performing risk assessments on IT systems and solutions, identifying and assessing potential IT risks and vulnerabilities, monitor emerging threats, and collaborate with cross-functional teams to implement effective risk management measures.
Transform the risk assessment exercise into recommended strategies for risk mitigation and action points, follow up with the concerned owners.
Prepare and present risk management reports to different stakeholders.
Educate staff on IT risk management practices by deliver Risk awareness for EBC staff.
Oversee the incidents and incident response process related to IT systems and services to ensure identifying of the Root cause and implementing the required controls.
Develop the Key risk indicators to monitor potential threats that may lead to business disruption, financial, compliance and reputational impact achieving the company objectives.
Reviewing new contracts or internal policies and procedures related to technical scope.
Assess the IT related changes to ensure that IT risks are managed appropriately and minimizing the impact that could affect IT systems and services.
Maintain IT risk register and events log and control assessments.
Continuously improving and updating the IT risk management practices, and controls monitoring.
Serve as a subject matter expert to technology teams for IT risk management requirements.
Bachelor’s degree in computer science or Electronics & Communication Engineering or technology-related field or equivalent certification & experience related to IT Risks.
Minimum 10 years of demonstrated technical & functional experience in Risk Management, IT Risk management and information Technology field in banking sector or fintech or consultancy firms.
Required Licensed or certifications: One or more of the following CISA, CRISC, ISO 31000, ISACA IT Risk Fundamentals or similar certifications strongly preferred.
Working knowledge in two or more of the following IT and risk domains: infrastructure, SDLC, service management, data protection, privacy, IT risk management, third-party risk management.
Working knowledge of emerging IT risks and risk-intelligent adoption of new and existing technologies.
Ability to multi-task, prioritize work and work independently.
Good communication and presentation skills.
Ability and willingness to learn new subject areas.
Ability to work within a fast-paced environment.
Excellent analysis skills.
Project management skills is plus.
This job post has been translated by AI and may contain minor differences or errors.
