VP – IT Risk Management
Dubai
This position involves managing all aspects of IT risk and audit management within the organization. It requires a deep understanding of information technology, cybersecurity, risk assessment methodologies, and regulatory compliance standards.
Responsibilities:
- Create and implement IT risk management strategies to identify, assess, and mitigate potential risks to the organization’s IT systems and data.
- Establish and maintain IT risk governance frameworks to align with business objectives, regulatory compliance, and effective decision-making.
- Track and report on key risk indicators, compliance metrics, and security performance to senior management and stakeholders.
- Regularly review and update policies and procedures to enhance the organization’s IT risk, governance, and security posture.
- Conduct thorough risk assessments of IT systems, infrastructure, and processes.
- Develop and implement strategies and controls to minimize IT-related risks and vulnerabilities.
- Develop and enforce IT policies and procedures to ensure compliance, security, and best practices.
- Support and coordinate internal and external audits of IT systems and controls.
- Establish and maintain frameworks and practices to ensure data quality, integrity, and security.
- Lead the implementation of security measures to protect IT infrastructure, networks, and data from cyber threats and breaches.
- Establish and maintain effective processes and controls for managing vendor risks.
- Develop and maintain incident response plans and business continuity/disaster recovery strategies for IT systems and infrastructure.
- Coordinate response efforts during security incidents and other emergencies.
- Develop and deliver training programs to enhance IT risk management and compliance awareness across the organization.
Requirements:
- 15+ years of relevant experience, ideally in banking, professional services, or legal information services.
- Bachelor’s degree in information technology, computer science, business administration, or a related field.
- Professional cybersecurity certifications such as CISA, CISSP, and CRISC.
- Proven experience in IT risk management, audit, and compliance within a complex organizational environment.
- In-depth knowledge of IT governance frameworks like COBIT, ISO 27001, NIST Cybersecurity Framework, and ITIL.
- Strong analytical skills to assess complex IT systems and processes.
- Excellent written and verbal communication and interpersonal skills to engage and influence stakeholders at all levels.
- Demonstrated leadership abilities to lead cross-functional teams and drive initiatives to successful completion.
- Strong organizational and analytical skills.