We are seeking a highly skilled IT Risk Manager to lead our IT risk management team. The successful candidate will be responsible for identifying, assessing, and mitigating IT risks to ensure the security and integrity of our information systems. This role involves developing and implementing risk management policies, conducting regular risk assessments, and ensuring compliance with industry regulations.
Your position
Risk Identification and Assessment:
Identify and evaluate potential IT risks that could impact the bank’s operations;
Conduct regular IT risk assessments and audits;
Refine and lead adherence to the IT Control Framework;
Perform IT supplier risk assessments.
Risk Mitigation:
Develop and implement risk management strategies and policies;
Coordinate with IT and business teams to ensure effective risk mitigation;
Identify et follow up critical vulnerabilities (Patching) in collaboration with the IT Security department.
Compliance and Reporting:
Ensure compliance with relevant laws, regulations, and internal policies;
Define and measure Key Risk Indicators for the first line of defense;
Prepare and present risk reports to senior management, including the CISO.
Team Leadership:
Lead, mentor, and manage a team of three IT risk professionals;
Foster a culture of risk awareness and continuous improvement within the team.
Stakeholder Communication:
Provide expert advice on IT risk management to various stakeholders;
Collaborate with other departments to ensure comprehensive risk management.
Training and Awareness:
Conduct training sessions to raise awareness about IT risk management across the organization;
Stay updated on industry trends, threats, and vulnerabilities.
Additional Responsibilities:
Drive annual user access recertifications and reconciliations;
Annual revalidation of the IT standards et procédures informatiques;
Follow-up on the internal audit findings and recommendation.
Your profile
Qualifications:
Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field;
Relevant certifications such as CISA, CISSP, CISM, or CRISC;
Proven experience in IT risk management, preferably in the banking sector;
Strong leadership and team management skills;
Excellent communication and presentation abilities;
In-depth knowledge of IT systems, security protocols, and regulatory requirements.
Skills:
Proven 10 to 15 years’ experience in IT (Cyber)Security or (Information) Risk Management;
Analytical and problem-solving skills;
Ability to work under pressure and manage multiple priorities;
Strong understanding of risk management frameworks and methodologies;
Proficiency in risk assessment tools and software.