IT Digital Risk Officer

Responsible for identifying assessing and mitigating IT and digital risks that may impact the organization. This role will work closely with various teams to ensure the security and integrity of the organization's IT systems and data.

The IT Risk Officer will be responsible for conducting and challenging Root Cause Analyses (RCAs) for ITrelated incidents identifying controls and control gaps in digital processes and supporting the bank’s digital transformation initiatives. This role requires a proactive individual with a strong understanding of IT risk management and digital transformation.

Key Accountability Area

1. Conduct comprehensive risk assessments to identify prioritize and document IT and digital risks including cyber threats data breaches and system failures.

2. Develop and implement detailed risk mitigation plans with specific actions to reduce or eliminate identified risks.

3. Identify assess and prioritize IT and digital risks including cyber threats data breaches and system failures.

4. Develop and maintain a risk register to track and monitor risks.

5. Respond to Digital IT and risk incidents promptly and effectively following established incident response procedures.

6. Investigate digital and IT incidents contain the breach and implement corrective actions to prevent future occurrences. Document incident response activities and conduct postincident reviews to identify lessons learned.

7. Risks to IT Infrastructure including Cloud and other such sources to be identified along with drivers and management actions recommended.

8. Review DevOps processes developments controls and recommend actions thereof

9. Review the digital landscape of the bank from a risk perspective and recommend mitigations thereof.

10. Root Cause Analysis (RCA):Conduct and challenge RCAs for ITrelated incidents to identify underlying issues and recommend corrective actions.

11. Control Identification:Identify and assess controls within digital processes ensuring they are effective and aligned with the bank’s risk management framework.

12. Control Gap Analysis:Identify control gaps in digital processes and recommend improvements to mitigate risks.

13. Digital Transformation Support:Collaborate with digital transformation teams to ensure IT risks are identified and managed effectively.

14. Conduct regular risk assessments to identify vulnerabilities and ensure compliance with security standards.

15. Plan and execute regular audits and assessments to evaluate the effectiveness of digital and IT controls identify vulnerabilities and recommend corrective actions.

16. Work closely with IT and Information Security to integrate security into system design development and operations. Provide guidance and support on security best practices.

17. In collaboration with IT and Information Security Evaluate select configure and maintain security tools such as firewalls intrusion detection systems and encryption solutions.

18. Work Closely with IT and Information Security to develop implement and maintain comprehensive security policies procedures and standards that align with industry best practices and regulatory requirements. Ensure that these policies are communicated and understood by all employees.

19. Stay uptodate with the latest cybersecurity threats vulnerabilities and industry trends.

20. Carry out additional tasks as assigned by the line manager such as participating in IT security projects conducting Information Security awareness training

21. Provide support and expertise on IT and Information security matters as needed.

22. Perform other tasks as required by Line Manager

Qualifications / Education

Bachelor’s degree in related discipline.

Years of Experience:

Minimum 68 years of experience in IT Risk

Preferred Professional Certificates (if applicable)

ITIL (Information Technology Infrastructure Library)

and Certified Information Systems Auditor (CISA)

Skills

Information Technology, Proactive, Risk Assessment, Devops, Information Security, Accountability, Compliance, Itil, Strong Understanding, Cybersecurity, Trends