Job Vacancy 1

Job Description

Job Purpose:

Support the Head of Risk Management’s function in supporting the achievement of business goals and strategies in the following areas:

  • Development and implementation of Risk Management policies and procedures including the Risk Management Framework focusing on IT related functions;
  • Provision of IT risk advisory services; and
  • Coordinating and facilitating the development and implementation of Business Continuity Planning (“BCP”).

Job Responsibilities

  1. Implement and maintain the Risk Management Framework via the following:
    • Review and formulate enhancements to the Risk Management Framework specifically in relation to IT risks to maintain a framework that remains relevant in identifying and mitigating significant risks in the achievement of business objectives.
    • Assess and regularly analyse IT risks by evaluating the impact and likelihood of the identified IT risks and prioritising them via maintenance of IT risk registers, and report the IT Risk Profile and corresponding risk action plans to the Risk Management Committee (“RMC”), Board Audit and Risk Committee (“BARC”) and Board of Directors (“Board”) in achieving corporate governance objectives.
    • Plan and organise governance and risk awareness initiatives in facilitating risk identification and assessment refreshers to facilitate submission of identified risks for the development of an accurate risk profile of the organisation and ultimately, strengthen organisation governance.
  2. Review IT proposals to identify potential risks and vulnerabilities to achieve objective decision making by Management.
  3. Review and coordinate the maintenance of up-to-date IT related manuals, policies and guidelines with the objective of designing and implementing effective risk management solutions, such as security protocols, access controls, encryption, and disaster recovery plans, in order to maintain adequate internal controls and alignment with good industry practices and regulatory requirements.
  4. Implement the following Business Continuity (“BC”) initiatives to increase resilience to business disruptions, and contain and mitigate the impact of such disruptions:
    • Coordination and facilitation of the development as well as maintenance of the BC Management Framework including the Disaster Recovery (“DR”) Plan and BC Plan;
    • Coordination of incident response activities including investigations in the event of IT security incidents, including data breaches, cyber-attacks, and system failures; and
    • Facilitation of the implementation of the BC Plan by way of organising BC awareness initiatives and BCP tests, and coordination of DR tests.
  5. Collaborate with the IT team on IT risk advisory services including due diligence assessments provided to external clients in support of business objectives.
  6. Continually monitor and assess the effectiveness of the organisation's IT risk management practices, evaluating security controls, identifying areas for enhancement and proposing appropriate solutions to improve the organisation's risk posture, taking into consideration emerging threats, industry trends, and regulatory changes related to IT risk management.
  7. Prepare the RMC, BARC and Board reporting of IT risks and related matters on the organisation and/or managed entities, where relevant, to facilitate timely reporting of risks to stakeholders.
  8. Collaborate with the IT team in the provision of training and awareness sessions to educate employees on IT risks, security best practices, and data handling procedures.
  9. Perform any other duties as may be assigned by the Head of Risk Management in support of the achievement of business objectives.

The Person

Education Qualification:
At least a degree in Computer Science, Information Security, or the equivalent.

Relevant Experience:
At least 6 years in IT Risk Management, of which at least 2 years were in a managerial capacity.

Personal Characteristics & Behaviours:

  • Good interpersonal communication skills
  • Good command of written and spoken English Language
  • Able to meet deadlines without compromising on quality
  • Good analytical skills, proactive and self-motivated
  • Work well independently as well as in a team