Unit Head IT Risk Governance Management with Large Private Bank

Job Purpose:

This is an important role within overall IT Risk Management function. The incumbent develops and reviews the processes/ Polices related to Bank Technology to identify assess and mitigate technology risks associated with them. He / She works closely with IT Business teams other enabling functions to evaluate new technology existing technology and other regulatory requirements purely from Risk assessment and mitigation perspective. The incumbent creates assessment processes and comprehensive checklist for assessments in collaboration with other functions e.g. ISG Compliance Internal Audit Business Operations etc. Reviews it periodically and maintains the rigor of following it by all stake holders. The incumbent recommends necessary Key Risk Indicators related to IT environment to ensure a robust framework and close monitoring for Good Health of IT environment in the Bank with an objective to continuously improve systems availability. Also the incumbent reviews the processes related to New Solution implementation and Change Management to identify assess and mitigate risks associated with the IT environment. He / She works closely with IT team in the Bank to keep a close watch on Incidents Patch Management Capacity Management Technology Obsolescence DR / BCP etc.

He/She will have deep understanding of IT Audit IT Risk Management frameworks Technology related regulatory requirements for banking industry (RBI NPCI etc) and other related global standards. He/She will be an expert in understanding technology architectures development and deployment models IT lifecycle and working understanding of technologies like OS DB Network Infra PKI Key Management API Encryption Security related testing (SASTDAST) Dev-sec-ops etc.

Leadership Skills

• Develop and Lead a team of experienced resources to evaluate Technology risks based on their USPs Technology Bandwidth experience etc.
• Ensure the team has necessary expertise experience and knowledge to execute assessments and work closely with ITTMACother enabling functions to manage the relationships with Risk Management as the primary objective
• Sets high standards of due diligence ethical behaviour and integrity
• Collaborates in a very constructive manner with various other functions to balance Risk Management and Business enablement

Governance and Policy Reviews

• Periodically reviews the policies and procedures for continuous improvement & development of effective risk management framework for IT Risk Management
• Pursues and Monitors Regulatory Compliance requirements from IT Risk Management
• Risk identification measurement and Continuous controls
• Conducts programs to independent review of ITPP policies and processes to ensure they cover risks associated with them
• Review Performance and engagement of existing IT (Infra Apps front end middleware backend etc) to perform risk assessment
• Conduct risk identification assessment and drive mitigation. Review the appropriateness of controls related to ITPP
• Help in developing comprehensive on-going IT risk assessment and identify trends using advanced understanding of risk metrics (KRI) to measure control effectiveness and plan timely mitigation

Risk monitoring and timely reporting

• Articulating areas of concern and risk trends to the senior management for timely identification and mitigation
• Regulatory reporting related to IT Risk
• Assist in responding to regulatory indents queries
• Liaise with internal compliance team

Educational Qualifications

• Graduation: BE/B Tech
• Post Graduate: M Tech/ MBA / MCA etc.

Key Skills

• Strong Technical Background with hands on experience of developing and managing IT Risk Framework
• Ability to collaborate with multiple stakeholders
• Ability to participate in complex or large projects and initiatives involving IT teams and vendor providers
• Ability to work under pressures and for long hours as and when required
• Excellent analytical communications and interpersonal skills.
• Knowledge of competition & current trends in technologies used in banking /financial industry.

Experience Required

• Min. 15-20 years of experience in Technology Risk Management Risk Assessment R
• Experience in a variety of IT solutions / platforms
• Deep understanding of technology throughout lifecycle
• Ability to create processes/programs to identify assess monitor manage and report Technology risk
• Experience in highly regulated environment
• Experience in Technology Risk automation solutions and understanding of functionalities
• Upto date on latest in IT Risk industry and banking industry and how similar organizations are approaching the same
• Very good people management and understating how to bring best in team

IT Risk Management,IT Infra,IT Operations