Job Description
Accountabilities and Responsibilities:
- Risk Management
- Manage the closure of outstanding IT audit issues (TRAP) and respective corrective actions.
- Support the Risk function in managing BCP, BIA, and DR capabilities.
- Assist in the creation and updates of RCSAs and periodic control tests.
- Proactively drive improvement in the risk profile of the Bank through the application of robust risk management techniques, working with stakeholders across the Technology Services organization.
- Release Management
- Ensure that release management tasks in the IT function are conducted to high standards, managing risk comprehensively and effectively.
- Ensure resilience and timely delivery of releases to production.
- Control Functions
- Verify that change requests are submitted for weekend implementations and oversee the effective governance of change control meetings.
- Develop and maintain IT procedures to document risk and control processes.
- Monitor the implementation of IT control test plans and coordinate with Operational Risk to prepare risk reporting.
- Liaise with Operational Risk and Information Security to perform control tests, support reporting of findings, and track corrective action plans.
- Communication
- Support the preparation of risk and control reports and documentation as required by senior management.
- Ensure timely progress updates to Internal Audit, Information Security, and GBS stakeholders regarding outstanding risk issues.
- Operational Resilience
- Define and drive the agenda to deliver policies, procedures, and techniques to support operational resiliency across the Bank's technology.
- Facilitate BIAs within IT to identify critical processes.
- Support comprehensive and effective incident management processes.
- Identify process risks and gaps in compliance for IT testing and resiliency and address them to prevent incidents.
- Support, drive, and execute strong governance in the usage of cloud technologies.
- Other Accountabilities
- Develop UAE Nationals and support the Bank's Emiratization agenda as directed by Senior Management.
- Undertake similar or related tasks and duties as directed by Senior Management.
Experience, Qualifications & Competencies:
Minimum Experience
- At least 6 years of experience in an IT banking background, with at least 4 years in IT Security, IT Risk, or Information Security.
- Working knowledge and experience in Banking Operations, Capital Markets, Corporate Banking, and technology-related risk issues.
- Ability to prioritize and manage multiple tasks simultaneously.
Minimum Qualifications
- A university degree in a technical STEM subject.
- A postgraduate degree in a STEM subject is desirable.
Professional Qualifications
- CISSP, CRISC, CCSK, CCSP, ISO, and SANS certifications.
Knowledge and Skills
- Expertise in Technology Risk Management and Security Risk Management.
- Familiarity with globally recognized security risk and technology risk management standards and techniques.
- Knowledge in Cloud Security Risk Management, DevOps/DevSecOps, and Security Operations.
- Strong understanding of Third-Party Risk Management and Security Architecture/Enterprise Architecture/Risk Architecture.
- Proficiency in Technology Governance and Technology Compliance/Security Compliance.
RequirementsCore Competencies
- Ability to design and provide advisory on solution quality technology controls techniques.
- Strong written and verbal communication skills in English; Arabic is an advantage.
- Strong influencing, stakeholder management, persuasion, and negotiation skills.
- Excellent interpersonal skills.
- Strong experience in managing, coaching teams, and building high-performing teams.
- Leadership skills in a service and results-oriented culture.
- Strong planning, execution, analytical, and time management skills.
- Ability to build partnerships and interact with all organizational levels.
