• Manager / AVP Jobs in Mumbai,India - 25674602

  • 8 - 12 Years
  • Posted : above 1 month

Job Description:

It is a part of the 2nd line of defense under the Bank's Chief Cyber &
Technology Risk Officer. The department has responsibility for identification
of key technology risks to the Bank and influencing business and technology
partners to take sound risk management decisions. This is achieved by
delivering:
- Application & Infrastructure Risk Assessments: working with the Business and
Technology teams to identify security issues in existing and new systems, and
agree corresponding actions to mitigate or accept risks. Tracking issues and
agreed actions to completion.
- Horizontal Risk Assessments: assessing technology risks in relation to a
particular theme or technology across the organisation. Examples could be
assessments of the firewall change process, applications processing >$5m per
day, applications hosted in the cloud, etc.
- Vertical Risk Assessments: assessing risks to a product, service, technology
or infrastructure. For instance we may complete a vertical assessment on our
remote working solution (including infrastructure, applications, data, threats
etc.) or our Internet connectivity.
- Partnership to the Business and Technology teams in helping them understand
their technology risk profile and influencing their risk management decisions.

Position Purpose
Responsible for the development and implementation of an enterprise-wide
ICT risk governance program. Successful candidate will have proven track
record of developing and implementing risk management programs in global
organizations, with robust knowledge of technology, risks, architectures and
related tools. Prior ICT risk experience (IT, Cyber, Cloud, IAM etc.) &
exposure to the Financial Services industry is a must. Experience with GRC
tools and NIST standards is preferred.

Individual will develop and communicate ICT Risk Policies to ensure that ICT
risk considerations are accounted for in all the bank's initiatives. Negotiation
and Conflict Management skills an absolute must. Bank is undergoing a
significant tech and ops reorg/transformation including outsourcing functions,
streamlining and refactoring applications. Will support this effort from an
independent risk assessment of these projects and will present findings to
board and exec committees. Excellent presentation & executive presence skills
necessary. Experience interacting with regulatory agencies is required.

Direct Responsibilities
Governance and Oversight
- Support in establishing IT & Cyber Risk Management Program for the bank
within the three lines of defense model in alignment with the Group Risk
Management Framework
- Support effective implementation and communication of Operational risk
management policies and guidelines
- Support and oversee management of security and technology risks of core
systems and applications
- Oversee the Operational risk management infrastructure and ensure
practices are consistent with regulatory expectations and industry sound
- Provide IT & Cyber risk management consulting to the business, technical
and operations groups
- Support establishing appropriate risk management governance committees;
arrange agendas and chair meetings as appropriate
- Help establish GRM's oversight model for the IT and Operations
Transformation projects including the review of major outsourcing partners

Risk Management Environment
- Identification & Assessment: Ensure that the identification and assessment
of operational risks are effectively done across the organization by correlating
input from Audit Findings, Internal Loss Data Collection & Analysis, External
Data Collection & Analysis, Risk Control Self Assessments, Business Process
Mapping, KPIs & KRIs, Scenario Analysis, Quantified Measurement &
Comparative Analysis.
- Monitoring & Reporting: Implement a process to regularly monitor
operational risk profiles and material exposure to losses and provide
appropriate reporting mechanisms to the board, senior management and the
business lines. Data capture and operational risk reporting should be
continuously enhanced and provide a feedback loop to enhance risk
management policies, procedures and practices.
- Control & Mitigation: Improve the effectiveness of the Internal Controls
programme by reviewing the control environment, risk assessment process,
control activities, information and communication and monitoring activities.
Assess operational risk response strategies. Validate risk transfer options.

Contributing Responsibilities
Enhance the India CoE by taking initiatives with the local team
Technical & Behavioral Competencies

- Extensive experience conducting technical risk assessments to
identify ICT risks and designing mitigation controls in (at least 3) of the
following areas:
o Application Security
o IT Technologies (End User Computing, Infrastructure
Computing, Middleware, Storage Solutions)
o Cloud & Virtualization Technologies (IaaS, PaaS, SaaS)
o Communication Technologies (Networking including SDNs,
Segmentation, Wireless & Mobile)
o Application Development/SDLC (Agile & Waterfall)
o Data Management (including Data Mining)
o Networks and Network Security
o Identity & Access Management Security
o Threat & Vulnerability Management
o Encryption Technologies & Key Management
- 7 years of relevant experience
- Hands-on experience dealing with global stakeholders
- Good know-how on Technology Risk Policies and Procedures reviews
- Excellent Presentation skills
- Ability to articulate risk management concepts to all levels of the organization
- Good listening and analytical skills being able to come to a thoughtful and
business focused conclusion quickly;
- Ability to co-operate and work well with others adopting an approachable
style. Important as we work closely with a large and diverse set of suppliers
and customers;
- Ability to see the customer perspective, i.e. from a business point of view, the
most secure solution is not always workable or realistic considering costs and
- Demonstrating a calm professional approach, with a good understanding of
delivery within time constraints and the need to escalate/inform departmental
management as appropriate;
- Adapting personal approach to suit situations, individuals, groups and
cultures. Flexible in relation to getting the job done;
- Team-player focus on the success of the whole team. Working well both with
others, as well as individually;
- Taking accountability for their actions and be open and honest when things
have gone wrong, and celebrating successes when things have gone well;
- Being rigorous and thorough especially when logging and tracking issues
through to conclusion;
- Demonstrating a high-level of commitment and self-motivation, combined with
enthusiasm and a genuine interest in the role of Risk Assessment in business
- Ability to express views clearly and fluently, both orally and in writing
Specific Qualifications (if required)
Industry certification in Information/Cybersecurity like CISSP, CEH, AWS/Azure
etc.
Skills Referential
Behavioural Skills (Please select up to 4 skills)
Personal Impact / Ability to influence
Communication skills - oral & written
Ability to deliver / Results driven
Client focused
Transversal Skills (Please select up to 5 skills)
Ability to understand, explain and support change
Ability to set up relevant performance indicators
Ability to develop and adapt a process
Ability to manage a project
Analytical Ability
Education Level: Bachelor Degree or equivalent
Experience Level: At least 7 years
Other/Specific Qualifications (if required)

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : IT-Software
Functional Area : IT Software : Software Products & Services
Role : System Security
Salary : As per Industry Standards
Deadline : 15th Jul 2020


All rights reserved © 2020 Wisdom IT Services India Pvt. Ltd