Cyber & IT Risk Manager

Arab Banking Corporation
in Manama, Capital Governorate, Bahrain
Permanent contract, Full-time
Last application, 19 Feb. 20
Competitive
Cyber & IT risks are considered among the top 3 risks for financial institutions (Cyber risk being a systemic risk). Regulators are increasingly stringent with regard to these risks, which may lead either to fraud or to a disruption of the financial ecosystem. Against this backdrop, Bank ABC has decided to further strengthen its 2nd line of defence Cyber, IT & Fraud Risk management function, manned by specialists. The position of Cyber & IT Risk Manager is a new position.

Job Purpose:

To facilitate, monitor and oversee the management of Cyber & IT Risks (risks related to IT, Cyber/Information Security and Business Continuity) across ABC Group and to support the first line of defense (IT, Cyber/Information Security and Business Continuity) in their respective risk domains.

Principal Accountabilities and Deliverables of Role:

  • Oversight/Monitoring of the implementation (progress) of policies and frameworks for IT, Information/Cyber Security and Business Continuity by the first line in Bank ABC
  • Supporting Cyber & IT risk management processes in the first line (IT, Information/Cyber Security and Business Continuity) and in the second line (Risk Management department);
  • Providing input from a Cyber & IT Risk perspective to proposals that are put forward to the New Products Committee
  • Monitor the effectiveness of the controls implemented through the policies and frameworks for IT, Information/Cyber Security and Business Continuity in the units via Key Risk Indicators.
  • Analysis of risk data and translating it into action plans;
  • Reporting of risks and status of risk management;
  • Preparation of the Group Operational Resilience Committee.
  • Raising awareness and promoting best practices for the management of Cyber & IT Risk
  • Develop Key Performance Indicators for the implementation of IT, Information/Cyber Security and Business Continuity policies and frameworks to monitor progress in terms of implementation
  • Advise on Cyber & IT Risk matters (experts and non-experts)
  • Analysis of the Cyber & IT Risks in proposals and advice on mitigating actions to remain within the risk appetite of the Bank
  • Develop, improve and monitor Key Risk indicators
  • Raise Issues and Action Plans and analyze Incidents
  • Propose and perform Control Assurance when appropriate
  • Produce easy-to-read reports with clearly defined thresholds
  • Provide trainings / Share incident analysis
  • Provide a Cyber & IT Risk watch especially on emerging technologies

Committee Responsibilities:

Attend and present at Group and Local Risk Committees when requested.

Job Requirements:

Knowledge

Extensive knowledge of IT Risk, IT Audit, IT Security (incl. Cyber) and/or Business Continuity

  • Practical working experience with IT risk & control frameworks;
  • Broad knowledge of operational risk disciplines, IT Risk, Information Security, Business Continuity and Disaster Recovery;
  • Relevant knowledge of industry process, control and risk frameworks, e.g. CMMi™, ITIL, COBIT, ISO 2700x, NIST, ISO22300, CIS20;
  • Strong practical experience with IT Risk Assessment frameworks, tools and methodologies as applied to business processes, business applications, technology infrastructure and third parties
  • Practical knowledge of Operational Risk tooling e.g. Governance, Risk and Compliance applications (including reporting aspects)

Education / Certifications

  • Master's degree from a reputable university
  • Formal academic credentials related to IT Risk (IT, Information (Cyber) Security, Risk Management, Business Continuity);
  • Appropriate qualifications (CISM, CISA, CISSP, CRISC or equivalent).

Experience

  • At least 5 years of relevant work experience

Personal Attributes

  • Strong written & oral communication / presentational skills;
  • Good time-management skills;
  • Self-starter / Pro-active;
  • People management and relationship skills; and
  • Good PC skills (current applications).