Job ID 16035
Salary As per Organizational Salary Structure
No. of Opportunity 1
Experience 5 Years
Qualification Bachelor Degree
Opportunity type Job
Vacancy No. ITRO/HRD/AZB/001
Organization Azizi Bank
Duties & Responsibilities:
The Jobholder shall be accountable for the following tasks and responsibilities:
- Study the relevant local regulatory requirements related to IT Security Risk and international best practices in this domain. Ensure internal communication of the existing and new relevant requirements
- Stay updated on current advances in all areas of information technology concerning vulnerabilities, security breaches, or malicious attacks.
- Maintain and monitor progress of the IT Risk Profile including periodic reporting to management on possible security exposures and the corresponding mitigation activities.
- Maintain an understanding of the different computing environments in the Bank, including the controls in place, and recommend additional controls as needed.
- Continuously evaluate communication security, data vulnerability, and business continuity and compliance risks.
- Identify vulnerabilities or weaknesses in systems.
- Evaluate security policy, processes, and procedures for completeness.
- Ensure that controls are adequate to protect sensitive information systems.
- Clearly document and define risks and potential impacts along with the statistical probability of such an event and identify systems affected by the defined risk.
- Provide mitigation/ damage reduction proposals with cost justification.
- Assist in identifying breaches in the Bank’s security or tracking the source of unauthorized intrusion.
- Identify defensive steps to take, including necessary firewalls, security software, and data encryption.
- Recommend all infrastructure and applications patching and remediation be done.
- Recommend improvements in network security, identity management, and logging.
- Work closely with IT Management to help them manage the identified risks.
- Work closely with other Department Heads, Internal and External Auditors to identify system and data requirements (portfolio data, external manager data, and market price and rates data) as well as enhancements on the identified weaknesses in IT Risk Management.
- Provide support, education, and training in the domain of IT Security Risk to the Bank employees with a view to inculcate risk awareness within the Bank’s operational areas.
- Communicate recommended business continuity preparations and controls, including deficiencies, to business units.
- Continue with ongoing tasks with deliverables of good quality and on time. The scope of monthly / quarterly reports may grow.
- Coordinate with Operational Risk Section on IT risks/incidents in monthly reporting.
- An individual project will be assigned for design and implementing with Operational Risk Manager (i.e. database for reporting and analyses of operational risk).
- Other tasks and duties may be assigned if needs arise.
- The job holder shall report to the Operational Risk Manager/Chief Risk Officer and shall perform his activities independently from the IT and Business Departments.
Required qualifications and skills:
- Minimum five years of total experience with the most recent three years in a bank’s IT department or IT Security department.
- Extensive experience in IT systems security, and business process management in the financial services industry.
- Experience and/or training in internal controls or risk control frameworks.
- University degree (preferably Master’s) and Certificates to confirm his/her IT Risk management skills. The candidate must have relevant documented professional experience if no professional certificates are available.
- Preferably – previous experience in IT risk management or IT audit
- Previous experience in managing a team and/or dealing with senior employees.
- Demonstrated experience in working on cross-functional teams, performing activities in geographically dispersed environment, providing internal training and coaching of peers.
- Gradually increase the scope of monitoring to include new areas, as they may arise (IT, ADC and PMO, SWIFT, NOC, FlexCube, or any other IT related projects).
- Strong communication and report writing skills is must.
How to Apply:
Qualified applicants are encouraged to submit their resume with a detailed application letter and contact details, no later than May 05, 2023 to email@example.com
The name of position and vacancy number must be written in the subject line of your email otherwise your application may not be considered. Only shortlisted candidates will be contacted for the written test.