Job Description
Abu Dhabi Islamic Bank - ADIB is currently recruiting for the role of IT Risk Analyst
Implementing IT Risks Process; responsible for implementing an overall IT risk management process for the IT department.
Duties and Responsibilities
Your main responsibilities in this role include the following:
Participate in establishing and quantifying the IT department’s “risk appetite” based on the Bank’s “risk appetite”, i.e. the level of risk they are prepared to accept for identified risks, and ensuring the proper integration of IT Risk with business goals and objectives.
Implementing the IT Control Monitoring and Maintenance system; responsible for implementing the IT risk controls involving external risk reporting to stakeholders, and for maintaining and tracking IT controls within the control inventory, along with control issues and their remediation plans.
Implementing the IT Risk Assessment; responsible for executing the risk evaluation process which involves comparing estimated risks with criteria established by the bank such as costs, legal requirements and environmental factors, and evaluating the IT department’s previous handling of risks
Monitoring and controlling IT risks; responsible for participating in reporting for different audiences at different levels (management, business and individuals)
Raising the IT staff Risk Awareness; responsible for providing support, education and training to IT staff to build risk awareness within the IT department
Participating in creating detailed process flows, identifying gaps and/or inconsistencies, and making sound recommendations for improvement and/or migration.
Identifying acceptable levels of residual risk, and assisting with action plans, policy and procedural changes for risk avoidance and mitigation.
Participate in developing the IT Risk Management; responsible for maintaining IT risk metrics and reporting IT risk posture to IT management on a scheduled basis.
Risk auditing and reviews preparation; responsible for participating in assessing all IT areas for adherence to controls, policy, procedures and standards with respect to risk mitigation action plans. Following up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been taken. Tracking risk mitigation steps (from self-assessments and Internal Audit) and ensuring that risks are remediated appropriately and in a timely manner.
Developing Risk Mitigation Plans and Response Plans; responsible for participating in leading IT teams’ efforts in developing the mitigation steps that may have been identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits; also collaborating with Internal Audit and audit finding owners to ensure changes to the remediation plans are understood, documented and tracked, as well as assisting in implementing all aspects of the Technology Risk Management Program.
Integrating Risk Management into the software development life cycle; responsible for reviewing the software development life cycle process and identifying the gaps to ensure the proper integration of the Risk Management process controls
Adhere to systems, policies, procedures, and productivity standards.
Participate in developing the team’s strategic goals and defining the team’s objectives.
Maintain professional and technical knowledge and benchmark state-of-the-art practices
Report the analytical daily statistics and recommend actions to resolve any issues that arise
Perform daily operational activities and bring out issues and risks that may arise as a result of the process overflows.
Comply with ADIB security policies.
Comply with the team’s SOP (policies and procedures)
Presenting headline stats and analysis to the IT Risk Manager, with recommendations for changes, on a regular basis
And any other assigned tasks.
Job Requirements
Bachelor’s degree in Engineering, Computer Science or Communication
At least 4 years’ experience in Information Technology and/or Risk Management disciplines, preferably in the banking industry
At least 2 years of experience in a similar managerial position
Experience with IT Governance, Risk and Compliance (IT GRC) tools
CIA, PMP, CISSP, CISA, CRISC, or CISM certification (is a plus)
Proficiency in information security, risk management, and audit (risk/security policies, procedures and control)
Knowledge of some IT processes and controls and understanding of risk and control frameworks (COBIT, ISO, ITIL, Audit based risks)
General knowledge of information security regulatory requirements and standards such as ISO 27001/2
Understanding of the COSO Enterprise Governance Management frameworks (is a plus)
Strong understanding of application, network, operating system and core infrastructure security concepts and concerns
Exemplary written and oral communication skills in both English and Arabic languages
Proven supervisory skills
Job Details
Company: Abu Dhabi Islamic Bank - ADIB Egypt
Employment Type: Full-time
Job Location: Cairo, Egypt