Job purpose
This position will be responsible for identifying, assessing, and mitigating IT-related risks across the organization. This role will lead the development and implementation of risk management strategies, policies, and procedures to protect the company's assets and data.
Key accountabilities
- Develop and implement IT risk management policies and procedures in line with industry standards and regulations.
- Design and implement an overall IT risk management process for the organization.
- Perform a risk assessment: analyze current risks and identify potential risks and vulnerabilities affecting Bank assets.
- Prepare and present risk management reports to senior management and the board.
- Educate staff on IT risk management practices and promote a culture of security awareness.
- Ensure compliance of IT and IS with relevant regulations and standards (CBE Cyber Security Framework, ISO 27001, NIST).
- Oversee the incident response process related to IT risks and security breaches to identify the root cause and the required controls.
- Develop risk controls and key risk indicators to stay aware of potential threats that may lead to financial, regulatory and compliance impact on the business.
- Ensure that the company meets its legal and regulatory risk requirements.
- Participate in risk contingency plans to tackle future risk management issues.
- Review any new major contracts or internal business proposals related to technical projects.
- Ensure that IT risks are managed appropriately.
- Work closely with other departments to ensure comprehensive risk management across the organization.
Education
Bachelor's degree in Computer Science or Electronics & Communication Engineering, or equivalent.
Knowledge
CRISC, CISSP, CISM, CISA, ISO 27001 LI/LA
Experience
Minimum 10 years of technical & functional experience in the banking sector and the information technology/security field.