Website Risk and Fraud Management
As a second line of defense, the IT Risk Manager is responsible for assisting the Country Head of Risk and Fraud to identify, assess, mitigate, report and monitor IT Risk & Cyber Security Risk across TrueMoney in accordance with IT Risk policy and procedures and regulations set by BSP. The role holder is also accountable for communicating all IT Risk Management policies and procedures as well as designing, developing and implementing IT Risk Assessment (ITRA), IT-related Key Risk Indicators (KRI) and IT-related Key Control Indicators (KCI) together with relevant stakeholders. The responsibility also includes coordinating with compliance and internal & external audit to address all concerns on regulatory requirements and regulatory / audit findings.
Duties and Responsibilities:
- Act as a second line of defense to proactively manage IT and Cyber Security Risks to ensure that IT remains aligned with business strategy, objectives and needs.
- Provide training on IT Risk Management and all the IT Risk related policies and procedures to the first line of defense.
- Communicate changes in IT Risk Management Framework and all the IT Risk policies and procedures to the first line of defense and ensure that they are understood by all stakeholders.
- Work closely with stakeholders to conduct IT Risk Assessments on new and existing processes, products and services prior to launch and assure that material risks are appropriately identified and mitigated.
- Revisit/update IT Risk Assessment (ITRA) when there is a new emerging risk / audit or regulatory finding at least once a year or as needed.
- Ensure that action plans on IT Risk Assessments are directed at the root cause of the identified risk/loss/exception and are appropriate, prioritized and sustainable to mitigate residual risks. Also, ensure that there is an assigned owner for each action and that the target date of each action is realistic to avoid overdue issues.
- Report significant risk / loss to Country Head of Risk & Fraud, Country Managing Director and Country Audit and Risk Management Committee.
- Propose control improvements, enhancements and simplifications where appropriate.
- Coordinate with compliance and internal and external audits to resolve regulatory / audit findings, track aging and follow up periodically to ensure that all findings are remediated by committed timelines and that the actual root causes are being addressed.
- Socialize significant risk & loss events as well as audit & regulatory findings and conduct lessons learned to create awareness.
- Manage the end-to-end Audit & Risk Management Committee process, ensuring high-quality IT Risk dashboards are circulated to the committee members and minutes are drafted on a timely basis with all actions clearly documented and proactively followed up.
- Bachelor’s Degree in Computer Science, MIS or a related discipline. Postgraduate degree in a relevant field is a plus.
- Minimum 3 years experience on IT Risk Management from the banking
- Professional certifications (CRISC, etc.) would be a plus.
- Excellent communication skills (speaking, reading & writing)
- Strong analytical skills and attention to detail
- Self-starter and self-driven with the ability to work in a fast-paced environment and manage multiple tasks in parallel
To apply for this job email your details to email@example.com