Avp Risk and Control

**Job Title: IT & Risk Control officer**

**Location: Pune, India**

**Corporate Title: AVP**

**Role Description**

The IT Risk and Control officer provides data analysis, identifies and evaluates potential areas of non-compliance or risk, assessing impact, probability and defined risk tolerance and presents findings and proposals for risk mitigation measures. The Divisional Regulatory, Risk and Control Analyst is responsible for supporting the delivery of the risk and control initiatives. This includes participation in risk and control activities, risk-based control reporting of key issues, performance and validation of cyclical activities such as annual control self-assessments. Achieve & Maintain coverage and compliance targets for IT Controls, especially IT Security Controls. Also be an influencer through offering advise & support to enable TDI PB to build & maintain value-adding and compliant software.

**What we’ll offer you**

As part of our flexible scheme, here are just some of the benefits that you’ll enjoy
- Best in class leave policy
- Gender neutral parental leaves
- 100% reimbursement under child care assistance benefit (gender neutral)
- Flexible working arrangements
- Sponsorship for Industry relevant certifications and education
- Employee Assistance Program for you and your family members
- Comprehensive Hospitalization Insurance for you and your dependents
- Accident and Term life Insurance
- Complementary Health screening for 35 yrs. and above

**Your key responsibilities**

**Key Responsibilities / Tasks**:

- Foster continuous compliance for TDI PB in accordance with PB risk appetite
- Advice, support, tracking and management reporting on IT Asset Governance processes
- Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
- Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
- Drive the risk culture and risk awareness
- Represent TDI PB on risk and control topics to TDI
- Actively participate in decision making with engagement management and seek to understand the broader impact of current decisions
- Facilitate use of technology-based tools or methodologies to review, design and/or implement products and services
- Excellent potential for 1) playing lead role in designated tasks in gathering, organizing and analyzing data ; 2) strong potential for growth and acceptance of additional responsibilities
- Responsible for Vendor Risk Management compliance & approvals within the bank.
- Ensuring compliance to New Application Repository compliance
- Single point of contact for internal/external/regulatory Retail IT Audit compliance.
- Responsible for demonstrating continuous improvement in state of monitoring of information security events.
- Responsible to timely reporting and resolution of security incidents to IT management teams.

**Our main work packages are**:

- IT Finding Management
- IT Asset Management
- IT Governance Process Optimization
- IT Control Governance
- Identity and Access Management
- Application Security Management
- Audit Control & Advisory
- Application Decommissioning

**Your skills and experience**
- Bachelor of Science or Bachelor of Engineering + MBA equivalent from an accredited college or university (or equivalent)
- Experience in the field of Information Security / SOC / Incident Response / Incident Forensics
- Domain knowledge in the Banking industry
- Excellent knowledge of MS Office (including Excel, PowerPoint, Word).
- Good written and spoken communication skills
- Proven ability with building positive working relationships and managing stakeholders.
- Ability of adapting to change. Be open minded to new solutions and ideas, think “outside of the box”.
- Willing to share information, transfer knowledge and expertise.
- Proactive approach and ability to take ownership of assignments.
- Maintain a structured and systematic approach without being dogmatic
- Information Security technical Certifications such as CEH, ECSA, CISA, CISSP etc.
- Strong working knowledge of various security technologies including architecture, incident management, and forensics.
- Experience or technical knowledge in financial environments is a plus
- Professional level of English

**How we’ll support you**
- Training and development to help you excel in your career
- Flexible working to assist you balance your personal priorities
- Coaching and support from experts in your team
- A culture of continuous learning to aid progression
- A range of flexible benefits that you can tailor to suit your needs

**About us and our teams**

Our values define the working environment we strive to create - diverse, supportive and welcoming of different views. We embrace a culture reflecting a variety of perspectives, insights and backgrounds to drive innovation. We build talented and diverse teams to drive b