Oro IT Risk Officer

7 days ago


Mumbai, India Riverforest Connections Full time

**Position Purpose** - Purpose: The below requirement is for ORO-IT Officer role and part of the Risk ORM, ORO-IT team and will be responsible for assisting with the management and execution of the bank?s IT risk management function within the 2nd Line of Defense. - Scope: Group/Global **Responsibilities** **Direct Responsibilities** - Conduct ICT risk assessments across Company in accordance with Group RISK ORM ICT standards and policies - Independently perform and contribute to independent risk assessment testing activities, carried out by the global teams as mentioned below: Application & Infrastructure Risk Assessments working with the Business and Technology teams to identify security issues in existing and new systems, and agree corresponding actions to mitigate or accept risks. Tracking issues and agreed actions to completion. - ICT GCP (Generic Control Plan) testing ? Perform Generic controls testing to determine the performance and operational effectiveness of controls and develop detailed reports documenting the gaps identified and recommendations for improvement. - Maturity Assessments ? Conduct technical and process based analysis of maturity of ICT controls across Company Group entities. - Partner with Business and Technology teams in helping them understand their technology risk profile and influencing their risk management decisions. - Contribute to the industrialization of RISK ORM, ORO-IT services by development of methodologies / tools for the achievement of assignments. - Work in collaboration with other stakeholders from business and other RISK ORM teams to contribute towards influencing the ICT risk culture and reporting the risk status to the Company Board and senior management. **Contributing Responsibilities** - Perform technical and process based ICT risk assessments in partnerships with regional / global stakeholders. - Support the oversight, check & challenge and reporting on the performance and operating effectiveness of ICT / IT controls across Company entities, with a focus on high risk areas and critical business operations - Contribute to the industrialization of ORO-IT services by development of methodologies / tools for the achievement of assignments. - Regularly and proactively monitor global events / incidents to determine new emerging risks areas and propose improvements to the risk assessment approach / processes. - Establish and maintain relationships with RISK ORM, RISK ORM ORO-IT and Company entity stakeholders. - Build and establish networks and relations with other key internal stakeholders (i.e. Global Security Operations, HR, Facilities, Legal, and Internal Communications). - Support the development and implementation process for validating effectiveness of the ICT controlsRisk Management Environment: - Identification & assessment: Ensure that the identification and assessment of operational risks are effectively done across the organization by correlating input from Audit Findings, Internal Loss Data Collection & Analysis, External Data Collection & Analysis, Risk Control Self Assessments, Business Process Mapping, KPIs & KRIs, Scenario Analysis, and Quantified Measurement & Comparative Analysis. - Monitoring & Reporting: Implement a process to regularly monitoring operational risk profiles and material exposure to losses and provide appropriate reporting mechanisms to the board, senior management and the business lines. Data capture and operational risk reporting should be continuously enhanced and provide a feedback loop to enhance risk management policies, procedures and practices. - Control & Mitigation improve the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities. Assess operational risk response strategies. Validate risk transfer options. **Technical & Behavioral Competencies** **Essential** - Demonstrated passion towards uncovering control weaknesses in processes and technology. - Results-oriented and strong teammate with excellent analytical, problem solving skills. Outstanding presentation, written and verbal communication skills. - Knowledge of compliance standards like CIS, NIST and GDPR. With high level knowledge of secure development practices and standards such as OWASP. - Proficiency in concepts related to network infrastructures, information system security including emerging threats and attacks methodologies, in particular: Network security, network equipment configuration, network protocols, network standards, supervision, "Conceptual Skills," "Decision Making," "Informing Others," functional and technical expertise, reliability, information security policy. - Recognized skills for the integration of different security or data protection technologies within a coherent architecture to effectively cover the risks of the company. - Good technical understanding of security technologies, including intrusio



  • Mumbai, Maharashtra, India BNP Paribas Full time ₹ 15,00,000 - ₹ 30,00,000 per year

    Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology Transversal Risks and RISK ORM Network.Under the...


  • Mumbai, India BNP Paribas Full time

    Job Description About BNP Paribas India Solutions: Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines:...


  • Mumbai, India BNP Paribas Full time

    Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network. Under the...


  • Malad, Mumbai, Maharashtra, India Eway IT Solutions Full time

    **Job description: -** - Conducting compliance risk assessment training workshops - Conducting internal reviews and audits - Conducting environmental audits to ensure the company meets environmental requirements - Advising internal management and business partners on the implementation of compliance programs - Developing risk management strategies -...

  • Risk Officer

    2 weeks ago


    Mumbai, India SAMCO Asset Management Company Full time

    **Designation**: - Risk Officer **Reporting To**: - The CEO **Main Purpose of job**: - The role of the Risk personnel will encompass the analysis and reporting of risks in the following areas: 1. Investment risk Management 2. Credit Risk Monitoring 3. Operational risk management 4. Business Risk Management **Key Accountabilities: - ** The Risk...

  • Chief Risk Officer

    2 weeks ago


    Mumbai, Maharashtra, India SHREE RAM amc Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Hiring Alert Chief Risk Officer (CRO) - Asset ManagementLocation:Mumbai, India Are you a visionary risk leader ready to define and govern the future of risk at a top-tier Asset Management Company (AMC)?We are looking for aChief Risk Officer (CRO)to take the helm of our enterprise-wide risk management framework, ensuring a robust and proactive risk culture...

  • Internal Auditor

    4 weeks ago


    Mumbai, India Aliviar Risk Full time

    The Internal Auditor will be responsible for evaluating financial and operational controls, ensuring compliance with regulations, identifying risks, and recommending process improvements for our clients. This role is ideal for someone who thrives in a client-facing environment and has a passion for delivering insights that drive business value. Key...

  • Vice President

    2 weeks ago


    Mumbai, India BNP Paribas Full time

    Job Description Description Job Description RISK ORM ICT ISPL Job Title RISK Operational Risk Officer (ORO) ICT ISPL Date July 2025 Department RISK ORM ICT APAC Location: Mumbai Business Line / Function RISK Reports To (Territory) Head of RISK ORM ICT & COE Head of RISK ORM ICT APAC Grade (if applicable) (Regional) Number Of Direct...

  • Corporate Risk

    2 days ago


    Mumbai, India JPMorgan Chase & Co Full time

    **JOB DESCRIPTION** Job Title** **Corporate Risk - Credit Risk Middle Office (CRMO) - Associate** **Posting Description** As part of Risk Management and Compliance, you are at the center of keeping JPMorgan Chase strong and resilient. You help the firm grow its business in a responsible way by anticipating new and emerging risks and using your expert...


  • Mumbai, India BNP Paribas Full time

    Job Description About BNP Paribas India Solutions Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines:...