Job Purpose
The selected candidate will report into the Principal Analyst, GTT-GRC and support efforts to:
- Provide advisory services to Enterprise Architecture (EA), Infrastructure and Service Operations (ISO) teams with regards to technology best practices, compliance requirements and risk mitigation controls;
- monitor and report on the timely and appropriate remediation of IT risks and issues;
- maintain oversight of regulations, circulars and notifications relevant to IT operations and controls, and accordingly advise IT project and technical teams;
- prepare regular reports covering risk findings, vulnerabilities, KPIs and KRIs, and service improvements across ISO and EA Services, to be communicated to Senior/Executive Management, while tracking related actions and decisions.
- ensure that appropriate risk and compliance inputs are shared timely with relevant parties when drafting Risk Acceptance Forms, Project Business Cases, Plans, Requirements Documents etc.
- facilitate and provide governance and risk oversight related to information security, internal audit and external party reviews and assessments.
- assure quality of evidences and findings associated with technology risk and control self assessments.
- support with reviewing incident reports, tracking incident remedial actions, and reporting progress to Management and Regulators.
Key Accountabilities
KEY AC3. KEY ACCOUNTABILITIESC3. KEY ACCOUNTABILITIESOUNTABILITIESKEY ACCOUNTABILITIESK
