Senior Manager Is Grc-risk Management&reporting.information Security Group-isg

Job Category NES Job Group The Information Security Risk Management and Reporting Manager supports in formulating the overall risk management strategy and objectives for the bank s information security function This role involves aligning security risks with business goals defining risk priorities and establishing clear objectives to mitigate and manage risks effectively The role will drive Information Security processes through enabling automation designing enabling solutions to automate risk management processes across the bank ensuring seamless integration enhanced risk visibility and streamlined reporting using advanced GRC tools Responsibilities Risk Management Life-Cycle o Define risk lifecycle management process for the bank in alignment with ERM and ORM and enable the same in ISG GRC solution to support the unit o Act as a trusted advisor to the Business when supporting risk-based decisions o Develop and implement in collaboration with ERM and ORM a Risk Appetite lifecycle framework to ensure continuous alignment with business needs the internal and external threat landscape and regulatory requirements o Assure Information Security exceptions are documented effectively assessed and approved by respective risk owners and tracked for closure Cyber Risk Management o Manage the organization s cyber risks by having a mechanism to identify the key cyber risk to the organization and documenting and reporting to effectively track for closure Cyber Risk Quantification o Quantify the organization s cyber risks Use qualitative or quantitative methods to assess the potential impact of cyber risks on the organization Cyber Risk Register o Develop and maintain a centralized risk register to ensure proper tracking and effective reporting of the identified risks o Ensure continuous updating to capture new risks changes in risk status and remediation progress enabling informed decision-making and proactive risk management Cyber Best Practice Sharing o Regularly share updates on the latest cybersecurity best practices o Encourage teams to incorporate these practices into their daily operations Vendor Relationship Management o Serve as the main liaison between the organization and GRC solution vendors Manage BRDs contracts licensing and renewals ensuring that services and tools meet the company s evolving needs and compliance requirements IS GRC Solution Management o Be the business owner of the bank s GRC platform for ISG and oversee the management of the organization s IS GRC solution o Enable centralized knowledgebase and GRC solution to automate Information Security activities and governance process with a centralized risk register risk reports and dashboards related to overall risk posture for specific location and business unit o Ensure that the solution is effectively used to support the organization s information security governance risk and compliance activities o Support local CISOs IS SPOCs in regulatory audit discussions and data required from ISG and enable the local CISOs with Prism access to onboard the open issues for centralized tracking and governance o Serve as the main liaison between the organization and GRC solution vendors Manage BRDs contracts licensing and renewals ensuring that services and tools meet the company s evolving needs and compliance requirements o Ensure that the GRC tools are properly configured to address the organization s specific risk compliance and audit requirements o Ensure the smooth operation of GRC solutions including monitoring system performance identifying issues and implementing resolutions promptly o Develop training materials and provide ongoing support for GRC platform users ensuring they can effectively leverage the tools for risk and compliance activities General Demonstrate adoption of ISG vision mission key principles cultural and operational objectives Support actively key ISG transverse initiatives Manage the main GRC Run the Bank and Change the Bank agenda to deliver quality results on time and on budget Escalate in advance any alert risk critical dependency and issue that arises with options for their management to ensure proactive management and no surprises Ensure preparation execution and follow-up of regulatory examinations audits and assessments Those reviews shall not result in any critical or high-risk issue for ISG or for ISG GRC Ensure closing of all legal regulatory and audit issues with the expected level of quality in time and on budget Qualifications A mid-senior level officer with sound knowledge and expertise in information security risk management with experience in managing enterprise projects and of direct and indirect relationships with senior and executive management Strong experience with GRC platforms e g RSA Archer MetricStream etc including administration configuration and integration with other business systems Strong experience and knowledge across the Information Security and Cyber Security domains including governance policy procedures compliance management risk management and security incident response etc Strong experience in a Banking environment with a strong understanding of key security frameworks such as ISO27001 XX NIST 800 xx PCI-DSS SWIFT CSP COBIT etc Strong interpersonal analytical and technical skills with strong decision-making and prioritization skills Sound knowledge of evolving advanced tech stacks and related control and risk universe Sound knowledge and expertise in conducting risk assessment Have 10 years of rich experience in the information security domain and at least 2-3 years of dedicated experience in managing GRC solutions or in a similar role with a strong background in governance risk management and compliance Master s degree in IT Information Security Professional certifications CISA CISM CISSP CRISC ISO27001 LA LI etc About Us The leading financial institution in MENA While more than half a century old we proudly think like a challenger startup and innovator in banking and finance powered by a diverse and dynamic team who put customers first Together we pioneer key innovations and developments in banking and financial services Our mandate To help customers find their way to Rise Every Day partnering with them through the highs and lows to help them reach their goals and unlock their unique vision of success Delivering superior service to clients by leading with innovation treating colleagues with dignity and fairness while pursuing opportunities that grow shareholders value We actively contribute to the community through responsible banking in our mission to inspire more people to Rise