Location
Pune | India
Job description
Risk Management
- Promote risk awareness, encourage prioritization of risk remediation, process re-engineering and strategic risk management
- Provide processes for systematic, proactive, and forward-looking risk identification, risk assessment, monitoring, reporting, and keeping CTO risk profile up to date
- Plan and execute thematic risk assessments and input into risk scenario testing and macro threat assessments
- Identify material remediation priorities for CTO and key cross divisional priorities impacting CTO (control / remediation book of work)
- Support CTO in managing the CTB budget allocated for high risk finding remediation and CTO involvement in reducing risk owned by other CIO and CISO divisions
- Be a catalyst and an enabler to the global leadership for achieving the objectives in line with changing regulatory and industry operating landscape and reducing risk against overall technology operations portfolio
- Ensure management transparency by way of timely risk reporting and proactive engagement and representing controls team at different governing forums
Audit Management
- Manage and govern audit requests and findings in a quality assured and controlled manner
- Respond to client due diligence requests in a timely manner
- End-to-end governance, monitoring, control, and reporting of audit lifecycles
- Audit support and advice incl. quality assurance of management action plans, completion check of the deliverables, closure review, ownership transfer, downgrade, risk acceptance and target date extensions
- Act as overall interface with Audit for fieldwork support and ongoing oversight, co-ordination, quality control, read across for all divisional audit findings
- Establish a consistent approach to ownership of management action plans
- Manage operation of audit interface to vendors including monitoring and reporting
- Foster lessons-learned on audit findings and missed self-identified findings
Stakeholder Management - Identify, Partner, and Collaborate
- Establish relationships with external and internal Audit teams to ensure effective and robust challenge to findings and to establish smart management action plans
- Partner with 2nd LoD, NFRM (Non-Financial Risk Management) to ensure alignment towards Group wide minimum control standards
- Collaborate closely and proactively with DCRO team to manage the finding lifecycle
- Promote and support proactive IT risk culture at the Bank
Desired experience
- Minimum 2 years of experience as Risk and Control Lead in designing and implementing a Technology risk framework in a global organization
- Good understanding of Industry best practices such as NIST, COBIT, ITIL and ISO 27001
- Knowledge of Agile change delivery methodology, DevOps and Shift left concepts
- Cloud Computing Technology (GCP, AWS, Azure, etc.) certifications or similar domains
- Other professional qualifications and certifications in Technology risk management
Desired behaviors
- A strong team player comfortable in a cross-cultural and diverse operating environment
- Results-oriented, with the ability to deliver under tight timelines
- Ability to successfully resolve conflicts in a global, matrix-driven organization
- Excellent communication and collaboration skills
- Desire to learn about new and emerging technologies and continuous upskilling
- Must be comfortable with navigating ambiguity to extract meaningful risk insights