IT Risk & Control Governance Lead
Description:
Role Details : The IT Risk & Control Governance Lead is a mid/ senior role within the bank responsible for overseeing and managing all aspects of IT risk and controls governance.
This position requires a deep understanding of IT risk management, compliance, and regulatory requirements, as well as the ability to develop and implement effective governance strategies to mitigate risks.
The role involves collaborating with cross-functional teams, driving continuous improvement, and ensuring the bank's IT operations align with industry best practices.
Job Description : Develop and maintain a comprehensive IT risk and controls framework, ensuring it aligns with the bank's strategic objectives and regulatory requirements.
Conduct regular risk assessments to identify potential IT risks and vulnerabilities.
Establish and enforce IT policies, procedures, and standards to ensure compliance with relevant laws and regulations.
Lead the development and execution of risk mitigation strategies, including implementing controls and monitoring mechanisms.
Collaborate with IT teams to assess the design and effectiveness of IT controls and identify areas for improvement.
Monitor and report on the status of IT risk and controls, highlighting key issues and trends to senior management.
Stay updated on industry trends, emerging threats, and regulatory changes that may impact the bank's IT risk landscape.
Foster a culture of risk awareness and compliance across the organization through training and awareness programs.
Provide guidance and support during internal and external audits, ensuring findings are addressed promptly.
Prepare and present IT risk and controls reports to senior management and board committees.
Education and Work Experience : Minimum of 10 years of experience in IT management, information security.
Should possess knowledge of network and security tools, digital channels and email security, Active Directory management, Network Access Control, Data Loss Prevention, Firewall and IPS management, Web Application Firewall, expertise in Cloud security tools, etc.
The role requires the ability to navigate and mitigate risks associated with diverse IT components, ensuring comprehensive security measures across various facets of the technology environment.
Strong analytical and problem-solving skills with the ability to assess complex IT risks.
Excellent communication and interpersonal skills to effectively collaborate with cross- functional teams and senior stakeholders.
Proven experience in developing and implementing IT risk and controls frameworks.
Ability to stay current with evolving IT risk trends, threats, and technologies.
(ref:hirist.tech)