Senior Analyst- Technology Risk Management
7 days ago
Job Description
Job Purpose:
Candidate will work with VP, Head of Service Risk, AO & Digital Platforms to ensure GRC Operational activities are executed as per the agreed timelines in line with the requirements.
Key Accountabilities:
GRC Operations
Implement GRC activity oversight mechanism across the unit and ensure implementation of proper tracking & reporting systems. Track and complete GT BIA/BCP related requirements as per the GBCM timelines. Track, monitor and report GT related periodic UAE regulatory requests & reporting. Actively work with the team to improve GT Risk Remediation activities and implement proper governance mechanisms. Ensure timely completion of IT Risk Operations activities. Manage Data Leakage Prevention (DLP) notifications and implement improvement initiatives to optimize the monitoring policies. Ensure timely remediation of DLP alerts and necessary actions as per the organization policies. Act as a point of contact for GIA for TechGRC audit activities. Implement proper tracking mechanism for Operational Risk Incidents to ensure compliance with GORM policies. Ensure all the GRC systems used by 3 lines of defense are in sync and execute periodic reconciliation activities. Work with the teams to have definitive plans for GIA issues and other key risk items to ensure timely remediation. Identify and implement automation initiatives to improve overall GRC operations. Implement initiatives to improve ways of working with 2nd line & 3rd line functions. Produce timely and accurate MIS for GRC related activities to be covered as part of regular reporting.Technology Risk Management Framework:
Review and provide inputs on IT risk management framework to ensure efficiency and effectiveness of the process performance Review and provide inputs on technology policies, processes & standards to ensure proper coverage of technology controls and metrics Conduct regular reviews and assessments to assess adherence to Group policies and standards for effective implementation within Group Technology (GT) Review and provide input on standard technology risk and control library Implement the cyber risk assessment model and analysis approaches Conduct various assurance initiatives and internal reviews across GT Identify and implement control automation initiatives across GTCloud Management
Participate in conducting due diligence of cloud service providers and ongoing cloud service providers assessments. Assess cloud solutions and determine risk of technology architecture, implementation, and suitability for the organization. Review cloud service providers contracts for compliance with Group policies/processes and ensure relevant controls are considered in the contract with cloud service providers. Assess the risk implications of digital innovation and its impact on technology risk profile of the bank. Provide recommendations to optimize the risks and ensure technology policy and process alignment. Conduct in-depth technical security reviews, risk assessments, and architecture reviews for Cloud based technologies and solutions to ensure alignment with information security policies and technology guidelines.DevOps/DevSecOps/Agile Practices
Provide inputs to development and maintenance of policies, frameworks, methods and standards for the DevOps and agile practices. Ensure risk and security control requirements are considered during the early stages of the development lifecycle Review possible bottlenecks of running the application in production and suggest service improvement plans.Technology Risk Identification & Assessments:
Work with service teams on various risk and control assessments activities and ensure technology risks are managed as per FAB policies and standards. Participate in Project & Change reviews to ensure appropriate treatment of technology risks. Execute periodic risk assessment activities to identify vulnerabilities, threats and control effectiveness. Assess the severity of each risk by assessing likelihood and impact. Work with stakeholders on the residual risk ratings and potential risk exposure.Technology Risk Treatment & Review:
Support development of risk treatment strategies to maintain the bank’s risk posture at the desired level. Ensure proper implementation of risk treatment options such as mitigation, transfer, acceptance etc. and help IT teams in mitigation or acceptance of risks/issues.Technology Risk Monitoring & Reporting:
Review risk items and define Key Risk Indicators (KRI) to monitor high risk areas. Produce periodic risk profile reports and KRI reports to senior management. Work with technology teams to review Major incidents Reports and identify risk/control measures to prevent incident reoccurrence.Job Context:
Key Performance Indicators :
Timely remediation of DLP alerts and associated actions. Participation in relevant service line specific EA community sessions to address the GRC requirements Completion of Risk and Control Self-Assessments as per the agreed schedule Remediation of Technology GRC risk issues as per the established timelines Adequately monitor and supervise remediation of Technology Service Line risk issues as per the agreed timelines Ontime completion of KRI reporting and GORM incident management reporting Completion of regulatory reporting activities as per the timelines Adherence to GRC automation initiatives implementation plans Ontime completion of mandatory trainings and meeting certification requirement Ensure external audit and regulatory certifications are completed on time without non-compliance (PCI DSS, KPMG Statutory Audit, Swift CSF and NESA) Coordinate with service lines to gather RFI’s and management response for GIA (Group Internal Audit’s) on time.
Qualifications
Knowledge & Experience:
8 - 10 years of working experience in IT Security, Risk and Governance practices. Experience with DLP (Data Leakage Prevention) management activities. Knowledge and expertise in virtualization and cloud computing environments (different cloud models and types). Hands on experience in using various Cloud Security best practices such as Cloud Security Alliance (CSA) guidelines and National Institute of Standards and Technology (NIST) guidelines. Demonstrated experience in conducting technical risk assessments for various Cloud platforms. Good understanding of process models and industry standards relating to IT Security, Risk and Governance. Good understanding of security and risk management in financial institutions. Excellent interpersonal skills and good oral and written communication skills. Achievement of industry recognized certifications such as CISSP, CRISC, CCSP, CCSK, CISA etc. Achievement of AWS and Azure cloud certifications is preferable.Skills:
Relationship management Influencing skills Big picture thinker with attention to details Strong change and communication skills Strong analysis skills Strong interpersonal skills-
Cybersecurity Senior Risk Analyst
1 week ago
bangalore, India The Nielsen Company Full timeThe Cybersecurity Sr. Risk Analyst will be a member of the Global Cybersecurity department reporting to the Cybersecurity Performance Management team and is primarily responsible for assisting with the execution and remediation of cybersecurity assessments related to any of our decentralized infrastructure organizations not completely integrated into central...
-
IT Audit
4 weeks ago
bangalore, India CSC Full timeRole: IT Audit & Risk AnalystLocation: BangaloreSchedule: 4PM IST – 1AM IST ( +/- 1 hour based on the Day light savings time)Working model: HybridIntroduction :The IT - Auditor and Risk Analyst is a highly respected, influential, and in-demand role within the business. The position is responsible for supporting the security direction of the business and...
-
Credit Risk Analyst
2 weeks ago
bangalore, India Antal International Full timeJob Title: Credit Risk AnalystYears of experience: 4-7 yearsLocation : RemoteNotice Period : 45 days MaxLocation: RemoteAbout my client: My client has been amongst the top pioneers to provide content outsourcing services to Publishers and Information providers. Headquartered in Singapore. They provide data services, subject matter expertise (SME), and...
-
Emerging Technology Risk Lead_Director
2 weeks ago
bangalore, India Mancer Consulting Services Full timeWe are currently seeking an experienced professional to join our team in the role of Resilience Risk Specialist, Emerging Technology Risk Lead at a Leadership Level Enterprise Risk Management (ERM) is a sub function of Group Risk. Its purpose is to make sure the organization understands and is in control of its non-financial risk position. This is a...
-
Software Engineering Manager
2 weeks ago
bangalore, India Archer Integrated Risk Management Full timeTitle: Manager - Software EngineeringLocation: Bangalore, IndiaArcher Technologies helps organizations manage risk in the digital era – unitingstakeholders, integrating technologies and transforming risk into reward. As true pioneers inIntegrated Risk Management (IRM) software, Archer remains solely dedicated to helpingcustomers manage risk and compliance...
-
Senior Risk Analyst
2 weeks ago
bangalore, India ANZ Full timeAbout the role At ANZ, we’re shaping a world where people and communities thrive, driven by a common goal: to improve the financial wellbeing and sustainability of our millions of customers. Banking is changing and we’re changing with it, giving our people great opportunities to try new things, learn and grow. Whatever your role at ANZ,...
-
Risk Analyst
4 weeks ago
bangalore, India UNO Digital Bank Full timeOverview:Risk Analyst role involves the person to design and develop cutting-edge data-driven solutions by performing Risk analysis and translating business and functional requirements into business performance. This role will require critical thinking and analytical skills to support delivery on strategic initiatives and analytics projects. This will...
-
bangalore, India Nasdaq Full timeGroup Risk Management (GRM) collaborates with businesses as a trusted advisor, facilitating well-informed decisions that support Nasdaq’s strategic objectives. GRM manages and continues to enhance the Enterprise Risk Management, Internal Control, Business Continuity, Crisis Management, and Corporate Insurance frameworks and programs. These programs...
-
Director of Risk Management
2 weeks ago
bangalore, India WhiteSlips Job Management Consultants Full timeThe Director of Enterprise Risk Management (ERM) is a key executive role responsible for organization's risk management efforts and ensuring its effective integration across all business units and functions. This role involves close collaboration with senior leadership, business heads, and the Board's Risk Management Committee (RMC) to identify, assess, and...
-
Market Risk Manager
7 days ago
bangalore, India Acuity Knowledge Partners Full timeResponsibilities: Validate models in accordance with client’s model risk management policy to assess model usage, documentation, conceptual soundness, data integrity and the control environment. Communicate results via formal model validation reports, as well as presentations to model owners and senior management. Evaluate model performance monitoring...
-
Software Engineering Manager
2 weeks ago
bangalore, India Archer Integrated Risk Management Full timeTitle: Manager - Software Engineering Location: Bangalore, India Archer Technologies helps organizations manage risk in the digital era – uniting stakeholders, integrating technologies and transforming risk into reward. As true pioneers in Integrated Risk Management (IRM) software, Archer remains solely dedicated to helping customers manage risk and...
-
Operational Risk Analyst
2 weeks ago
bangalore, India Swiss Re Full timeAbout the Role : Position summary & Main tasks/activities The Operational Risk Analyst is responsible for identifying, analyzing, and monitoring areas of operational risk with the Life and Health Reinsurance Operational Risk team, including producing comprehensive risk reporting across all risk classes to allow senior management to effectively...
-
Senior Analyst
1 week ago
bangalore, India Dotdash Meredith Full timeJob Description Job Summary Dotdash Meredith (DDM) is seeking a Senior analyst in the Internal Audit (IA) team based in Bangalore, India. The opportunity is to work with Angi SOX Compliance Team (One of the IAC entities) responsible for ensuring controls are consistently applied within company’s environment to meet Sarbanes-Oxley requirements (SOX),...
-
Cybersecurity Lead Risk Analyst
2 weeks ago
bangalore, India The Nielsen Company Full timeThe Cybersecurity Lead Risk Analyst will be a member of the Global Cybersecurity department reporting to the Security Performance Management team and is primarily responsible for assisting with the execution of internal and third party risk analysis and assessments related to our business units. This may include mergers and acquisitions, joint ventures and...
-
Junior Risk Analyst
4 weeks ago
bangalore, India ECOM Agroindustrial Corp. Ltd. Full timeEcom Agroindustrial Corp. Ltd ranks among the leading world merchants in coffee, cotton, cocoa and sugar, operating in over 30 producing and consuming countries. We do this by remaining loyal to the traditional values upon which our company was built – integrity, dedication to growth and development of the industries and markets in which we operate, and...
-
HikeOn Technologies
2 months ago
Bangalore, Karnataka, India HikeOn Technologies Pvt. Ltd. Full timeCompany Description: HikeOn Technologies Private Limited, formerly known as Arwizon Digital Private Limited, is a technology company based in Bengaluru. We specialize in guiding your digital journey with creative design, innovative solutions, and technology expertise. Our team is dedicated to providing the best solutions and services to our clients.Role...
-
HikeOn Technologies
4 weeks ago
Bangalore, India HikeOn Technologies Pvt. Ltd. Full timeCompany Description: HikeOn Technologies Private Limited, formerly known as Arwizon Digital Private Limited, is a technology company based in Bengaluru. We specialize in guiding your digital journey with creative design, innovative solutions, and technology expertise. Our team is dedicated to providing the best solutions and services to our clients.Role...
-
HikeOn Technologies
7 days ago
bangalore, India HikeOn Technologies Pvt. Ltd. Full timeCompany Description: HikeOn Technologies Private Limited, formerly known as Arwizon Digital Private Limited, is a technology company based in Bengaluru. We specialize in guiding your digital journey with creative design, innovative solutions, and technology expertise. Our team is dedicated to providing the best solutions and services to our clients.Role...
-
HikeOn Technologies
4 weeks ago
Bangalore, Karnataka, India HikeOn Technologies Pvt. Ltd. Full timeCompany Description: HikeOn Technologies Private Limited, formerly known as Arwizon Digital Private Limited, is a technology company based in Bengaluru. We specialize in guiding your digital journey with creative design, innovative solutions, and technology expertise. Our team is dedicated to providing the best solutions and services to our clients.Role...
-
Senior Business Analyst
3 months ago
bangalore, India AXA Group Full timeSenior Business Analyst Gurgaon/Bangalore, India Senior Business Analysts bridge the gap between business and IT by being able to communicate effectively with all stakeholders.The Senior Business Analyst will be responsible for supporting an application or multiple applications within a Delivery Team and her/his core responsibilities include eliciting...
