Develop, embed, maintain and implement IT Risk Management framework, policies and procedures for EBC
Performing risk assessments on IT systems and solutions, identifying and assessing potential IT risks and vulnerabilities, monitor emerging threats, and collaborate with cross-functional teams to implement effective risk management measures
Transform the risk assessment exercise into recommended strategies for risk mitigation and action points, follow up with the concerned owners
Prepare and present risk management reports to different stakeholders
Educate staff on IT risk management practices by deliver Risk awareness for EBC staff
Oversee the incidents and incident response process related to IT systems and services to ensure identifying of the Root cause and implementing the required controls
Develop the Key risk indicators to monitor potential threats that may lead to business disruption, financial, compliance and reputational impact achieving the company objectives
Reviewing new contracts or internal policies and procedures related to technical scope
Assess the IT related changes to ensure that IT risks are managed appropriately and minimizing the impact that could affect IT systems and services.
Maintain IT risk register and events log and control assessments
Continuously improving and updating the IT risk management practices, and controls monitoring
Serve as a subject matter expert to technology teams for IT risk management requirements.
Requirements
Bachelor's degree in computer science or Electronics & Communication Engineering or technology-related field or equivalent certification & experience related to IT Risks.
Minimum 10 years of demonstrated technical & functional experience in Risk Management, IT Risk management and information Technology field in banking sector or fintech or consultancy firms
Required Licensed or certifications: One or more of the following CISA, CRISC, ISO 31000, ISACA IT Risk Fundamentals or similar certifications strongly preferred
Working knowledge in two or more of the following IT and risk domains: infrastructure, SDLC, service management, data protection, privacy, IT risk management, third-party risk management
Working knowledge of emerging IT risks and risk-intelligent adoption of new and existing technologies
Ability to multi-task, prioritize work and work independently
Good communication and presentation skills
Ability and willingness to learn new subject areas
