Strategic Risk Management Professional
Maintain and continuously enhance the ICT risk management framework, ensuring alignment with regulatory requirements and industry best practices.
* Act as a driving force in strengthening the company's internal control framework and promoting a strong internal control culture across all business areas.
* Conduct thorough ICT risk assessments, maintain the ICT risk mapping, and support integration of ICT risk into the overall risk landscape.
* Lead comprehensive risk analyses related to IT projects, infrastructure changes, and critical applications; coordinate mitigation plans with IT, IT security, and other operational teams.
* Monitor the effectiveness of first-level controls (ICT and non-ICT), provide expert guidance on risk mitigation and control improvements.
* Perform second-level controls as defined in the Control Plan, including on non-ICT areas, and support the enhancement of first-level controls across all departments.
* Contribute to the management of ICT incidents by supporting root cause analysis, lessons-learned reviews, and follow-up on corrective and preventive actions.
* Ensure appropriate ICT risk governance is in place, contribute to relevant committees, prepare risk reporting, and escalate key risks to senior management and governance bodies.
* Monitor emerging ICT threats, regulatory changes, and market developments to strengthen the ICT risk management approach and ensure timely adaptation of the framework.
* Act as a key contact for business units on ICT risk matters, ensuring ICT risk considerations are embedded in key processes, projects, and change management initiatives.
* Support ICT risk awareness initiatives and contribute to training and communication activities.
* Support the oversight of key service providers (ICT and non ICT) to ensure resilience and risk management expectations are met.
* Actively contribute to the day-to-day activities of the Risk Management function, promoting a strong risk culture and continuous improvement across the organisation.
Key Responsibilities:
* Audit and assurance of ICT systems and processes
* Risk management strategy development and implementation
* Stakeholder engagement and communications
* Cross-functional collaboration and partnerships
* Data analysis and interpretation
* Process improvement and optimization
We offer a competitive compensation package and opportunities for professional growth and development.