Reports to: Head of IT and Cyber risk
- Update the technology risk management framework on an annual basis with the changes in the environment.
- Review technology policies, processes and procedures identify potential opportunities for improvement and alignment.
- Working across the technology department to analyze and better understand their risk profile.
- Review IT initiatives from technology risk perspectives and provide advisory and recommendation.
- Supervise the IT disaster recovery measures deployed across the group.
- Defining a risk and control methodology and framework to use in conducting risk assessments.
- Proactively managing risks so that there are no major incidents, breaches or examples of non-compliance.
- Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls activities.
- Assist in the definition of the technology risk appetite statements and monitor Key Risk Indicators (KRIs) against our technology risk appetite.
- Assist with the Technology Risk reporting operations, including scheduling key monthly meetings, monitoring key milestones, escalation of past due activities, problem triage and management.
- Increase awareness and enhance risk culture across the organization and provide day to day risk and control advise as trusted 2nd line subject matter expert.
- Deliver with minimal supervision.
- Avid researcher of best practices and happenings in the global cyber space.
- Engage key stakeholders on actions required.
- Team player and contributor.
- Strong problem-solving, persuasive skills and an ability to grasp abstract concepts and complex technology situations to challenge the status quo and further develop and build on our IT Risk Management Framework.
- Excellent communication skill, both verbal and written, with the ability to initiate and lead conversations with technology and business leaders and risk colleagues regarding anticipated and emerging issues.