Tech Risk & Compliance Lead Specialist
The role will be responsible for leading and reviewing the effectiveness and adequacy of the Internal Control Framework, Technology Risk/Information Security, Compliance, BCMS and Governance for IT Operation.
Key Responsibilities
- Coordinate compliance with Group IT Security policies and standards.
- Perform and ensure the delivery of security risk assessments to identify comprehensive security risks and gaps.
- Review technology-related proposal requests to ensure that potential technology risks are properly managed.
- Coordinate Third Party Security Assessments across all departments.
- Advise departments on security-related requirements, policies, standards and best practices.
- Assist in the management of local security-related issues such as non-compliance, data leakage, escalations etc.
- Plan and deliver security training and awareness programs.
- Ability to create and maintain internal control matrices to demonstrate compliance with various frameworks and requirements.
- Design IT/BCMS audit procedures to execute the annual audit plan, assess controls and meet audit objectives.
- Make recommendations for improvement of control environment through audits or project participation.
- Prepare and provide IT/BCMS reports, communications and presentations to management.
- Bachelor's degree in IT/Security or equivalent.
- 5 years of InfoSec, Technology Risk work experience.
- Experience performing IT risk assessments to identify risk and controls gaps.
- Certifications/licenses - CISSP will be an added advantage.
- Familiarity with and understanding of any ISO audit frameworks will be an added advantage.
- A self-starter with a proactive attitude and the ability to work independently.
- Strong verbal and written communication skills to effectively present audit findings and recommendations to auditees.
Risk Management, Compliance, Information Security, Finance, Legal, Technology