Job Description
Plan, design, and implement an overall IT security risk /operational risk management framework and update relevant risk policy documentation according to regulatory requirements. We are looking for a dynamic, collaborative and practical IT Risk Manager for a large multinational banking corporation.
Overall Requirements:
At least 3 years of experience in the financial services industry, preferably banking or professional services
Professional qualification in IT, technology or data management related areas
Relevant experience in Second Line of Defence or First Line in-business risk and control function in IT and op risk areas
Good knowledge in IT and operational risk management and understanding of relevant regulatory requirements
Practical and hands-on industry experience in overall IT and op risk management controls and practices
Independent, capable to manage evolving risks and able to influence stakeholders and promote for better practices
Overall Responsibilities:
Designated IT operational risk, IT security, Cyber security, data risk management Second Line of Defence function for the Bank
Plan, design, and implement an overall IT security risk /operational risk management framework and update relevant risk policy documentation according to regulatory requirements (including CPS 234 Information Security, CPG 234 Information Security, CPG 235 Managing Data Risk and other relevant prudential documentations etc.)
Assist in establishing and maintaining risk appetite and metrics for IT/operational risk and perform monitoring of key risk indicators (KRIs) and other IT-related metrics on a regular basis
Independently supervise and challenge first line IT risk management, liaise with IT and relevant departments in performing day-to-day IT risk management and controls
Actively participate in business continuity plan (BCP) and disaster recovery (DR) testing on a regular basis
Coordinate and provide support and reporting to Risk Committee, particularly in IT op risk-related areas
Understand Head Office and regulatory requirements for IT security risk matters and able to provide support, education and training to staff to build risk awareness within the Bank
Prepare response and investigation of IT-related matters (e.g. outage, down time etc) in a timely manner
Coordinate various stakeholders in compiling relevant data and information (e.g. indirectly from Head Office via IT) and perform checking and validation and ensure quality and submission on time
Perform other IT/op risk functions including system update/maintenance etc.
Ad hoc projects and tasks
Assist in ad hoc projects and tasks such as Head Office requests, preparation of prudential/audit review
Relief / backup support to other team members
If this sounds like you please apply! - mark.ansellcarter@perigongroup.com.au