Cyber amp IT Risk Manager - Arab Banking Corporation

Job Purpose:

To facilitate monitor and oversee the management of Cyber & IT Risks (risks related to IT Cyber/Information Security and Business Continuity) across ABC Group and to support the first line of defense (IT Cyber/Information Security and Business Continuity) in their respective Risk domains.

Principal Accountabilities and Deliverables of Role:

• Oversight/Monitoring of the implementation (progress) of policies and frameworks for IT Information/Cyber Security and Business Continuity by the first line in Bank ABC
• Supporting Cyber & IT risk management processes in the first line (IT Information/Cyber Security and Business Continuity) and in the second line (Risk Management department);
• Providing input from a Cyber & IT Risk perspective to proposals that are put forward to the New Products Committee
• Monitor the effectiveness of the controls implemented through the policies and frameworks for IT Information/Cyber Security and Business Continuity in the units via Key Risk Indicators.
• Analysis of risk data and translating same in action plans;
• Reporting of risks and status of risk management;
• Raising awareness and promoting best practices for the management and oversight of Cyber & IT Risk
• Assist in review of Key Performance Indicators for IT Cyber Security and Business Continuity
• Advise on Cyber & IT Risk matters (experts and nonexperts)
• Analysis of the Cyber & IT Risks in proposals and advice on mitigating actions to remain within the risk appetite of the Bank
• Develop improve and monitor Key Risk indicators
• Raise Issues and Action Plans and analyze Incidents
• Propose and perform Control Assurance when appropriate
• Produce easy to read reports with clear defined thresholds
• Draft slides with outcome of KRIs and analysis
• Provide trainings / Share incident analysis
• Provide a Cyber & IT Risk watch especially on emerging technologies

Job Context (Circumstances & environment surrounding the job):

Cyber & IT risks are considered among the top 3 risks for financial institutions (Cyber risk being a systemic risk). Regulators are more and more stringent with regards these risks that may lead either to a fraud or to a disruption of the financial ecosystem.

Against this backdrop Bank ABC has decided to further strengthen its 2nd line of defence Cyber IT & Fraud Risk management function manned by specialists.

The position of Cyber & IT Risk Manager is a new position.

Job Requirements:

Knowledge

• Extensive knowledge of the IT Risk IT Audit IT Security (incl. Cyber) and/or Business Continuity
• Practical working experience with IT risk & control frameworks;
• Broad knowledge of operational risk disciplines IT Risk Information Security Business Continuity and Disaster Recovery;
• Relevant knowledge of industry process control and risk frameworks e.g. CMMi ITIL COBIT ISO 2700x NIST ISO22300 CIS20;
• Strong practical experience with IT Risk Assessment frameworks tools and methodologies as applied to business processes business applications technology infrastructure and third parties
• Practical knowledge of Operational Risk tooling e.g. Governance Risk and Compliance applications (including reporting aspects)

Education / Certifications

• Master degree from a reputable university
• Formal academic credentials related to IT Risk (IT Information (Cyber) Security Risk Management Business Continuity);
• Appropriate qualifications (CISM CISA CISSP CRISC or equivalent).

Experience

• At least 5 years of relevant work experience

Personal Attributes

• Strong written & oral communication / presentational skills;
• Good timemanagement skills;
• Selfstarted / Proactive
• People management and relationship skills;
• Good PC skills (current applications).