Key Responsibilities
· Implement policies and frameworks for IT security and risk management
· Performing internal control system and network review and risk assessments as directed by Head of Operational Risk Unit/ORM.
· Developing and implementing IT security policies and procedures
· Identifying and evaluating new security threats and vulnerabilities
· Monitoring and reporting on IT security incidents
· Raising awareness of IT security risks and best practices to employees
· Collaborating with other IT professionals to ensure that security is integrated into all aspects of IT operations
· Work on designing processes/maps/routes in systems, aimed at observing the design and operating effectiveness of the Bank’s IT general controls, application controls, and complementary user entity controls over financial reporting across multiple environments.
· Assist in identifying and advising on additional controls to mitigate IT process gaps and reduce technology risks noted in IT systems.
· Report to the line supervisor any significant discrepancies or deficiencies in controls and processes among departments regarding technology risks/issues.
· Monitor and follow activities in the Operational Risk Management Framework, including RCSA programs, finding the root causes of incidents in Operational Risk reports, and reviewing and updating KRIs from operational functions in the bank within technology risk projection.
· Coordinate and deal with technology risk owners under the operational risk program in terms of collecting loss incidents and KRIs and holding RCSA workshops.
· Prepare the Master Plan for the ORMU Trip, conducting pre-trip tasks and fieldwork to GIT, then prepare RCA reports and document evidence.
· Build and maintain respectful and effective communication and relationships with teams, management and staff of areas under review.
· Other tasks to be assigned by line manager.
Key competencies required for this role
· Be able to travel to Provinces
· Concern for Quality & Standards
· Demonstrates Initiative
· Developing People
· Results Orientation
· Develops and Applies Business Knowledge
· Planning & Co-ordinating
· Influences Outcomes
· Supporting & Managing Change
· Building Relationships & Networks
· Succeeding Through Collaboration
· Legislative and Regulatory Requirements
· Knowledge and Application of Procedures and Policies
Experience Profile
· Acceptable qualification: Bachelor's degree in information technology or cybersecurity, or other equivalent;
· A minimum of 1 year's experience (for experienced candidates only) in information system logical access, technology risk function, IT security and/or other IT operations.
· Understanding of, and experience applying, internal control concepts for business processes from an IT compliance focus.
· Good understanding of banking activities and experience in relevant functions;
· Highly motivated and committed;
· Good written and oral communication and problem solving skills;
· Computer literacy;
· Good problem identification & resolution skills; and
· Polite, friendly, reflective, communicative, reliable, honest and single-minded