We are seeking an experienced professional to take ownership of IT Risk and Security Management. The ideal candidate will ensure a robust risk management framework is in place and foster a proactive, risk-aware culture across the IT organization.
Requirements
🔸 Key Responsibilities
IT Risk and Security Management
- Ensure a comprehensive IT risk management framework is established to identify, analyse, mitigate, manage, monitor, and communicate IT risks
- Ensure the IT risk appetite and tolerance levels are understood, articulated, and communicated, and that IT-related risks are identified and managed
- Promote an IT risk-aware culture and empower the teams to proactively identify IT risk, opportunity, and potential business impacts
- Work with the Group CISO to ensure the implementation of security controls within GIT
- Oversee various risk assessment activities in GIT and ensure proper implementation of risk treatment options such as mitigation, transfer, acceptance, etc.
- Deliver periodic risk profile reports and KRI reports to senior management
- Engage with the leadership team to review the IT risk profile and risk treatment strategies
- Manage Technology Risk Committee meetings and ensure closure of action plans
- Identify, agree, and manage various assurance initiatives and internal reviews across GIT
🔹 Requirements
- Proven experience in IT Risk Management and Security Governance roles
- Strong understanding of risk frameworks, controls, and mitigation strategies
- Experience working with senior leadership and cross-functional IT teams
- Excellent analytical, communication, and reporting skills
- Professional certifications such as CISA, CRISC, CISSP, or similar (preferred)