Technology Risk Manager
|Job Title:||Technology Risk Manager|
|Job Published:||May 15, 2017 14:31|
A dedication to meeting the needs of retail and SME banking customers in the South African market provides the focus needed to be successful.
In addition to a strategy that will take the group to a significant place in the South African economy the team are also developing technologies, propositions and solutions that can be leveraged throughout the emerging markets business. The South African business comprises an IT development capability in addition to the company focused on building new and exciting banking propositions.
The strategy is centered on financial inclusion through digital banking and financial literacy and is focused on innovative, digital offerings to retail and SME business customers across China, India, Vietnam, Indonesia and South Africa. International Financial Services is an exciting and vibrant part of the Group
This role reports to the CIO with a matrix line to the Head of Technology Risk International. The position will be actively involved in remediation activities for a large cyber security program and secure delivery of banking over the coming 12 months. The role will also be directly responsible for enabling the implementation of security controls commensurate with the risk appetite of the business. This role also engages directly with country risk teams, regional Cyber security and technology risk, country Heads of Technology, and other key business stakeholders. The Manager: Cyber Security & Risk is a key position tasked with embedding mandatory security and risk controls into the South Africa businesses. Managing all aspects of cyber security and technology risk, this regional role will leverage the regional team located in Hong Kong, and the Group teams to enable the business strategy, and be country lead and subject matter expert for the delivery of security controls for the South Africa business.
Whilst working with the regional team, this role is responsible for the successful coordination and outcomes of security control delivery, technology risk management, and cyber security threat management for all operations in South Africa. The role will need to help deliver and uplift the new digital bank, establish operational processes, plan and coordinate all security activities, understand technical and people challenges across South Africa, and lead the cyber security capability. This is a key role for the Digital Protection Group (DPG) International team, and success will be the delivery of secure banking services in the country.
Support the management of security & technology risks within the Bank
Work with the Risk/Compliance Team in the execution of the IT Risk/Compliance Program by obtaining and analyzing data and information required for decisions in planning, scoping, and risk-assessing the review and/or conducting assigned testing.
Perform compliance control operation of IT security controls including security incidents and performing user access controls
Perform compliance activities including access recertification and process documentation and monitoring of SOX applications access logs
Monitor IT open audit issues and coordinate remediation
Maintain the IT Risk and Security Calendar
Participate in the development of compliance audit procedures, supporting tools and reports to evaluate risks and controls
Perform selected IT Risk Assessments on IT projects and controls
Determine information security risk profiles for various vendor and business partner
Proactively escalate any areas of concern and ensure remedial steps are identified and implemented
Perform deep dive and thematic reviews as required including supplier and third party reviews.
Perform root cause analysis and lessons learnt on risk events.
Proactively identify potential fraud risks, cyber and information security risks and highlight to management.
Experienced in proactively identifying technology risk, evaluating design and operating effectiveness of system controls
Our people capabilities are reflective of our culture and, regardless of level, are capabilities we expect to see demonstrated by all employees.
Creating value in each customer interaction and focusing on the total customer experience,
Communicating clearly and with impact to ensure understanding, engagement and commitment to action.
Team and Culture:
Inspires others to demonstrate the Group’s values and works together to create a passionate, high performing culture.
Initiating action and committing to achieving business outcomes by taking accountability for goals.
Understanding and using knowledge, industry information and financial drivers in decisions and actions.
Continuously improving and innovating what we do to make things simple and easy for our customer and each other.
Your experience is ideally supported by the following:
Strong technical knowledge of systems, networks, and security controls
Outstanding communication skills both written and oral
Outstanding influencing skills and organisation skills
Ability to drive and manage own workload and operate within defined deadlines
Seasoned understanding of Technology risk management principles and knowledge of Operational Risk and Compliance frameworks
Inquisitive approach/ attention to detail
Strong analytical and problem solving skills to develop acceptable solutions for the business
Tertiary qualification in a relevant discipline will be preferred
• CISSP and/or CISA qualification desired
7+ years’ experience in IT Risk role
Significant technical knowledge of platform and network infrastructure, cyber security, and technology risk
Experience in large transformational change
Demonstrated experience in working in large Banking & Finance projects
Experience in core banking, mobile and digital banking transformation
Practical experience in managing stakeholders to effect change, including strong influencing skills
Experience with deploying security controls
Detailed understanding of SARB regulatory requirements in South Africa
Experience in implementing and managing operational risk management frameworks in a banking, telecommunications or insurance environment
Experience in technology risk governance and strong understanding of regulations relating to technology risk, and information security
Ability to identify technology and other operational risks, influence the business to apply good risk practices
Be able to multi task and be a self-starter.
Ability to work with a broad range of stakeholders
Previous experience in and technology risk advisory capacity. Personal competencies
Able to work within a fluid environment, reacting to events and juggling multiple work streams and priorities;
Able to work as part of a team while proactively and independently delivering;
Able to work to deadlines;
Can deal with ambiguity/change;
Can function under pressure and maintain a positive attitude;
You have a can do attitude and a strong work ethic to prove it;
Have good problem solving skills (analysis of options and impact assessment)
Good initiative, high energy level, self-starter and self-management ability (requires moderate supervision levels only)
Must be a team player and work for the good of the team
Able to interact with end users and up to middle management level of a business
Inter personal communications skills and presentation skills
Lateral thinking (willing to change and accept new ideas / concepts)
Analytical thinking & decision making ability in a complex environment
Good problem solving skills (analysis of options and impact assessment)
Flexibility and adaptability (Flexibility and innovation in approach)
Motivating and influencing others (ability to lobby new concepts to relevant parties)
People networking and good, rapid relationship building
High quality of output
Consultative approach to resolution of issues and problems
Able to coach and guide more junior developers
Will be required to work outside normal working hours from time to time which may include weekends
Will be required to be on standby from time to time. How often will depend on the schedule setup
May be required to travel (both local and international) from time to time
Must be able to work in a high stress environment and maintain a positive attitude
Have your own reliable transport
Have your own cellphone
Have a valid driver’s license
Have a clear criminal and credit record
Get similar jobs like these by email
By submitting your details you agree to our T&C's