Reported successfully

IT Risk Management & Assessment

• Conduct IT risk assessments for applications, infrastructure, digital banking platforms, cloud services, and third-party technology providers.
• Identify technology risks, assess control effectiveness, and recommend appropriate mitigation actions.
• Monitor and track remediation plans for identified IT risks, audit findings, and regulatory observations.
• Support risk reviews for technology projects, system changes, and digital initiatives.

Governance & Compliance

• Support implementation and maintenance of the bank’s IT Risk Management framework, policies, standards, and procedures.
• Ensure alignment with regulatory requirements, CBM guidelines, internal policies, and industry best practices.
• Participate in IT governance forums, risk committees, and compliance reviews.
• Assist in coordinating internal/external audits and regulatory examinations related to technology risk.

Risk Reporting & Monitoring

• Develop and maintain IT risk reports, dashboards, and Key Risk Indicators (KRIs).
• Monitor emerging technology risks, control gaps, and operational risk trends.
• Prepare management reports and presentations for risk governance meetings.

Third-Party & Digital Risk Oversight

• Support technology vendor and third-party risk assessments.
• Review outsourcing and digital partnership risks to ensure compliance with the bank’s risk standards.
• Participate in due diligence reviews for new technology implementations and digital services.

Stakeholder Collaboration

• Work closely with Technology, Information Security, Operational Risk, Compliance, and business teams on risk-related matters.
• Promote technology risk awareness and governance culture across the organization.
• Provide advisory support on risk and control considerations for technology initiatives.

• Bachelor’s degree in: IT / Computer Science / Risk Management / Cybersecurity / Business Information Systems or related disciplines.
• Candidates with education or specialization in Risk Management, Governance, Audit, or Compliance are preferred.
• Minimum 4–6 years of experience in: IT Risk Management / Technology Risk / IT Governance / IT Audit / Operational Risk / Information Security Governance / Compliance or related risk functions (Experience in banking or financial institutions is preferred.)
• Risk and governance-related certifications are preferred.

Role Boundary Clarification

This role is focused on technology risk governance, oversight, assessment, and reporting. It does not perform operational cybersecurity functions such as:

• Security monitoring
• Incident response operations
• Penetration testing
• Firewall administration
• Security tool management

• These responsibilities remain under Information Security and Technology Operations teams.