Abu Dhabi Islamic Bank تعلن عن حاجته للوظائف التالية :
إعلان 2020 Abu Dhabi Islamic Bank
Abu Dhabi Islamic Bank تعلن عن حاجته للوظائف التالية :
إعلان 2020 Abu Dhabi Islamic Bank
JOB PURPOSE
· Job incumbent will be responsible for implementing the IT Risk Framework and its associated controls, also responsible for participation in evaluating the overall IT risks, maintain an active view, assessment and report on the actual, mitigated and residual risk in the technology organization.
The job incumbent is responsible for assisting the IT Risk Manager in implementing the IT risk management program based on IT accepted risk frameworks. The IT Risk Specialist will interview personnel and gather information to perform risk assessments in various information technology functions & processes. The job requires assisting the IT department in developing periodic reports and dashboards presenting the level of controls compliance and the current IT risk posture.
Abu Dhabi Islamic Bank تعلن عن حاجته للوظائف التالية :
KEY ACCOUNTABILITIES
· · Implementing IT Risks Process; responsible for implementing an overall IT risk management process for the IT department
· Participate in establishing and quantifying the IT department’s “risk appetite” based on the Bank’s ‘risk appetite’, i.e. the level of risk they are prepared to accept identified risks and ensuring the proper integration of IT Risk with business goals and objectives.
· Implementing the IT Control Monitoring and Maintenance system; responsible for implementing the IT risks controls involving external risk reporting to stakeholders as well as maintaining and tracking IT controls within the control inventory as well as control issues and their remediation plans.
· Implementing the IT Risk Assessment; responsible for executing the risk evaluation process which involves comparing estimated risks with criteria established by the bank such as costs, legal requirements and environmental factors, and evaluating the IT department’s previous handling of risks
· Monitoring and controlling IT risks; responsible for participating in reporting for different audiences from different levels “management, business and individuals”
· Raising the IT staff Risk Awareness; responsible for providing support, education and training to IT staff to build risk awareness within the IT department
· Participating in creating detailed process flows, identifying gaps and or inconsistencies and make sound recommendations for improvement and/or migration.
· Identifying acceptable levels of residual risk, and assist with action plans, policy and procedural changes for risk avoidance and mitigation.
· Participate in developing the IT Risk Management; responsible for maintaining IT risk metrics and reporting IT risk posture to IT management on a scheduled basis.
· Risk auditing and reviews preparation; responsible for participating in assessing all IT areas for adherence to controls, policy, procedures and standards with respect to risk mitigation action plans. Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been taken. Tracking risk mitigation steps (from self-assessments & Internal Audit) and ensure that risks are remediated appropriately and in a timely manner.
Abu Dhabi Islamic Bank تعلن عن حاجته للوظائف التالية :
· Developing Risk Mitigation Plans and Response Plans; responsible for participating in leading IT teams efforts in developing the mitigation steps many have been identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits, also, collaborating with Internal Audit and audit finding owners to ensure changes to the remediation plans are understood, documented and tracked as well as assisting in implementing all aspects of the Technology Risk Management Program.
· Integrating Risk Management into software development life cycle; responsible for reviewing the process for software development life cycle and identifying the gaps to ensure that proper integration of the Risk Management process controls
· Adhere to systems, policies, procedures, and productivity standards.
· Participate in developing team’s strategic goals and define teams’ objectives.
· Maintain professional and technical knowledge and benchmark state-of-the-art practices
· Report the analytical daily statistics and recommend actions to resolve any issues that arise
· Perform daily operational activities and brings out issues and risks that may arise as a result of the process overflows.
· Comply with ADIB security policies.
· Comply with team’s SOP (policies and procedures)
· Presenting to IT Risk Manager headline stats and analysis with recommendations for changes on regular basis
And any other assigned tasks.
Abu Dhabi Islamic Bank تعلن عن حاجته للوظائف التالية :
Experience and other requirements
· Bachelor Degree in Engineering, Computer Science or Communication
· At least 4 years’ Information Technology experience and Risk Management disciplines preferable in the banking industry
· must be continually updated thwith of the latest data-protection news, cybersecurity legislation, practices, and techniques. seeks out this information and uses it to shape his or her risk-analysis.
. must have strong analytical skills & has to be able to study computer systems, assess any potential risks, and consider possible solutions.
· At least 2 years of experience in a similar managerial position
· Experience with IT Governance, Risk and Compliance (IT GRC) tools
· CIA, PMP, CISSP, CISA, CRISC, or CISM certification (is a plus)
· Proficiency in information security, risk management, and audit (risk/security policies, procedures and control)
· knowledge of some of IT processes and controls and understanding of risk and control frameworks (CoBIT, ISO, ITIL, Audit based risks)
· General knowledge of information security regulatory requirements and standards such as ISO 27001/2
· Understanding of the COSO Enterprise Governance Management frameworks (is a plus)
· Strong understanding of application, network, operating system and core infrastructure security concepts and concerns
· Exemplary written and oral communication skills in both English and Arabic languages
Proven supervisory skills