The Head – ITRM/BCM Department will be responsible for governing the IT Risk Management Framework and its associated controls and reporting. This role is responsible for evaluating the overall information technology risk, maintaining an active view, and reporting on the actual, mitigated and residual risk in the technology organization. He/she is also responsible for assisting the Operational Risk Management Division Head in implementing the Business Continuity Management (BCM) Framework.
QUALIFICATIONS (EDUCATION, EXPERIENCE, COMPETENCY)
Education, Experience and Competency:
- Bachelor’s degree or equivalent in Business, Economics, Finance, Law, IT, Accounting or equivalent. A business certification, such as an MBA, or other business-related qualification is preferred.
- Professional certification, such as CISSP, CISM, CISA, CRISC, or other information security/IT risk credentials, is preferred.
- A minimum of seven (7) years experience in the IT risk management, Information Security and/or IT Audit related activities to lead comparable information risk, security and governance across an enterprise.
- Understanding/Knowledge of enterprise information security architecture discipline, processes, concepts and best practices
- Knowledge of Information Security and Risk control frameworks such as COBIT, ISO 27001, ITIL, and ISO 31000 is preferred.
- Knowledge of business continuity and IT disaster recovery frameworks such as ISO 22301 and ISO 27031 is preferred.
- Demonstrated consultative approach/capability in driving or transforming change and controls as well as project management skills
- Good oral and written skills in English on a business level to be able to articulate complex technical ideas to non-technical stakeholders
- Good leadership and interpersonal skills to build strong relationships with business stakeholders at all levels, including executive managers and vendors
- Strong, proven problem solving and analytical skills and the ability to identify and analyze the root cause of incidents and resolve them by driving solutions to completion
- Proven integrity and the ability to handle confidential matters in a professional manner by applying the appropriate level of judgment and maturity