Manage the closure of outstanding IT audit issues (TRAP) and respective corrective actions.
Support the Risk function in managing BCP, BIA, and DR capabilities.
Assist in the creation and updates of RCSAs and periodic control tests.
Proactively drive improvement in the risk profile of the Bank through the application of robust risk management techniques, working with stakeholders across the Technology Services organization.
Release Management
Ensure that release management tasks in the IT function are conducted to high standards, managing risk comprehensively and effectively.
Ensure resilience and timely delivery of releases to production.
Control Functions
Verify that change requests are submitted for weekend implementations and oversee the effective governance of change control meetings.
Develop and maintain IT procedures to document risk and control processes.
Monitor the implementation of IT control test plans and coordinate with Operational Risk to prepare risk reporting.
Liaise with Operational Risk and Information Security to perform control tests, support reporting of findings, and track corrective action plans.
Communication
Support the preparation of risk and control reports and documentation as required by senior management.
Ensure timely progress updates to Internal Audit, Information Security, and GBS stakeholders regarding outstanding risk issues.
Operational Resilience
Define and drive the agenda to deliver policies, procedures, and techniques to support operational resiliency across the Bank's technology.
Facilitate BIAs within IT to identify critical processes.
Support comprehensive and effective incident management processes.
Identify process risks and gaps in compliance for IT testing and resiliency and address them to prevent incidents.
Support, drive, and execute strong governance in the usage of cloud technologies.
Other Accountabilities
Develop UAE Nationals and support the Bank's Emiratization agenda as directed by Senior Management.
Undertake similar or related tasks and duties as directed by Senior Management.
Experience, Qualifications & Competencies:
Minimum Experience
At least 6 years of experience in an IT banking background, with at least 4 years in IT Security, IT Risk, or Information Security.
Working knowledge and experience in Banking Operations, Capital Markets, Corporate Banking, and technology-related risk issues.
Ability to prioritize and manage multiple tasks simultaneously.
Minimum Qualifications
A university degree in a technical STEM subject.
A postgraduate degree in a STEM subject is desirable.
Professional Qualifications
CISSP, CRISC, CCSK, CCSP, ISO, and SANS certifications.
Knowledge and Skills
Expertise in Technology Risk Management and Security Risk Management.
Familiarity with globally recognized security risk and technology risk management standards and techniques.
Knowledge in Cloud Security Risk Management, DevOps/DevSecOps, and Security Operations.
Strong understanding of Third-Party Risk Management and Security Architecture/Enterprise Architecture/Risk Architecture.
Proficiency in Technology Governance and Technology Compliance/Security Compliance.
Requirements
Core Competencies
Ability to design and provide advisory on solution quality technology controls techniques.
Strong written and verbal communication skills in English; Arabic is an advantage.
Strong influencing, stakeholder management, persuasion, and negotiation skills.
Excellent interpersonal skills.
Strong experience in managing, coaching teams, and building high-performing teams.
Leadership skills in a service and results-oriented culture.
Strong planning, execution, analytical, and time management skills.
Ability to build partnerships and interact with all organizational levels.
