AVP/VP - Technology Risk Management - BFSI

AVP/VP - Technology Risk Management

- The role will be responsible to manage effectively the day-to-day operational/technology risk management and requirements across business units and support functions

- Partner, support and liaise closely with the Operational Risk Management team to implement all key operational risk components/ programs applicable to different business functions.

- The operational risk components include Information Technology, Information Security, Business Continuity, Vendor Management, Regulatory Compliance and Control Validation etc.

- Ensure that inventory of processes, risks and controls for business functions, perform periodic risk and control self-assessment of these processes are up-to date.

- Ability to perform Risk Control Self-Assessment (RCSA) and Thematic Assessment for Technology & Information Security Units

- Ability to perform Root Cause Analysis (RCA) for Technology & Information Security related processes

- Contribute to the review of internal policies and processes and assist in identifying potential opportunities for improvement

- Defining & Assessing Key Risk Indicators (KRI) Metrics for Technology and Information Security related processes

- Responsible for Third Party Assessment of vendor and partners

- Ability to perform assessment of IT General Controls (ITGC) for Technology & Information security related processes

- Develop and maintain periodic risk reporting to stakeholders for effective tracking and reporting of risk items and issues across business functions

- Monitor and track all the findings of the control validation reviews and self-identified issues using the corporate tools & controls

- Relevant professional experience of Operational & Technology Risk

- Demonstrate and apply a thorough understanding of complex information systems

- Resolve problems independently and understand escalation procedure

- Relevant professional experience including working knowledge or high level awareness of Technology services and processes

- Communicate effectively with customers, teammates, and management

- Staying up-to-date with emerging security threats including applicable regulatory security requirements and regulatory guidelines

- Understanding of emerging Technology

- A recognized university degree in accounting, business, information technology, engineering, mathematics or other relevant discipline

- CISA/CRISC/CISSP or related professional certifications a plus