We are seeking an experienced Technology Risk Management (TRM) professional to join our team. This role is responsible for implementing and overseeing the TRM framework for the Local Business Unit (LBU), ensuring alignment with organizational and regional requirements. The role involves risk identification, assessment, and reporting, along with fostering a strong risk culture across stakeholders. If you have deep expertise in IT risk, cybersecurity, infrastructure management, and can drive strategic initiatives while collaborating with multiple teams, this is an excellent opportunity to make an impact.

KEY ACCOUNTABILITIES

- Implement TRM Framework: Implementation of the Local Business Unit (LBU) Technology Risk Management (TRM) framework, ensuring alignment with local and regional requirements.

- Provide Expertise and Guidance: Offer technical and best practice guidance on information and technology risk, taking into account platform-specific and regional complexities.

- IT Risk Indicators: Manage and review standardised IT key risk indicators/metrics submission from all various IT Functions for analysis and early identification of risk trends.

- Risk Appetite and Key Metrics: Establish and roll out the information and technology risk appetite and key risk metrics for effective management oversight.

- Risk Register Monitoring: Proactively monitor the LBU risk register and escalate any potential risk areas for Group-level reporting, ensuring risks are appropriately rated and mitigated.

Collaborate with various stakeholders:

- Risk Culture: Promote a strong risk management culture across LBU stakeholders, focusing on managing information and technology risks effectively.

- Support Periodic Risk Reporting: Assist the LBUs 2nd line ORM/ERM in ensuring timely and accurate reporting of information and technology risk matters to the LBU risk committee.

EXPERIENCE / QUALIFICATIONS-

- Minimum 5 years of relevant experience, with compulsory experience in Technology or Risk Management/Audit.

- Candidates should demonstrate experience in identifying, managing, and reporting risks and controls in at least three or more of the following areas:

IT Infrastructure Management: Networks, platforms (e.g., IBM, Unix, Windows), middleware, and databases.

IT Operations: Data center management, backup, batch processing, incident and problem management.

Application and Interface Security: Ensuring secure development practices.

Application Development and Change Management (SDLC): Experience with the full software development lifecycle.

IT Project Management/Delivery: Overseeing projects from initiation to completion in any specific risk / technology capacity.

Third-Party Risk Management: Managing vendor risks effectively.

IT Service Management: Familiarity with frameworks such as ITIL.

Identity and Access Management (IAM): Experience with tools like SailPoint, CyberArk.

Cybersecurity: Familiarity with frameworks like NIST, and experience with security tools and operations.

- Analytical, meticulous, self-starter with strong written and spoken communication skills in English a must.

- Ability to multi-task and handle tight deadlines.

- Proficient in Microsoft office tools.

- Candidates with the relevant certifications in areas such as Technology Risk Management, Technology Audit, IT Management, Cybersecurity, Cloud, Software Engineering, or Project Management will have additional advantage. Examples include: