Oro IT Risk Officer

2 weeks ago


Mumbai, India Riverforest Connections Full time

**Position Purpose**
- Purpose:
The below requirement is for ORO-IT Officer role and part of the Risk ORM, ORO-IT team and will be responsible for assisting with the management and execution of the bank?s IT risk management function within the 2nd Line of Defense.
- Scope: Group/Global

**Responsibilities**

**Direct Responsibilities**
- Conduct ICT risk assessments across Company in accordance with Group RISK ORM ICT standards and policies
- Independently perform and contribute to independent risk assessment testing activities, carried out by the global teams as mentioned below:

Application & Infrastructure Risk Assessments working with the Business and Technology teams to identify security issues in existing and new systems, and agree corresponding actions to mitigate or accept risks. Tracking issues and agreed actions to completion.
- ICT GCP (Generic Control Plan) testing ? Perform Generic controls testing to determine the performance and operational effectiveness of controls and develop detailed reports documenting the gaps identified and recommendations for improvement.
- Maturity Assessments ? Conduct technical and process based analysis of maturity of ICT controls across Company Group entities.
- Partner with Business and Technology teams in helping them understand their technology risk profile and influencing their risk management decisions.
- Contribute to the industrialization of RISK ORM, ORO-IT services by development of methodologies / tools for the achievement of assignments.
- Work in collaboration with other stakeholders from business and other RISK ORM teams to contribute towards influencing the ICT risk culture and reporting the risk status to the Company Board and senior management.

**Contributing Responsibilities**
- Perform technical and process based ICT risk assessments in partnerships with regional / global stakeholders.
- Support the oversight, check & challenge and reporting on the performance and operating effectiveness of ICT / IT controls across Company entities, with a focus on high risk areas and critical business operations
- Contribute to the industrialization of ORO-IT services by development of methodologies / tools for the achievement of assignments.
- Regularly and proactively monitor global events / incidents to determine new emerging risks areas and propose improvements to the risk assessment approach / processes.
- Establish and maintain relationships with RISK ORM, RISK ORM ORO-IT and Company entity stakeholders.
- Build and establish networks and relations with other key internal stakeholders (i.e. Global Security Operations, HR, Facilities, Legal, and Internal Communications).
- Support the development and implementation process for validating effectiveness of the ICT controlsRisk Management Environment:

- Identification & assessment: Ensure that the identification and assessment of operational risks are effectively done across the organization by correlating input from Audit Findings, Internal Loss Data Collection & Analysis, External Data Collection & Analysis, Risk Control Self Assessments, Business Process Mapping, KPIs & KRIs, Scenario Analysis, and Quantified Measurement & Comparative Analysis.
- Monitoring & Reporting: Implement a process to regularly monitoring operational risk profiles and material exposure to losses and provide appropriate reporting mechanisms to the board, senior management and the business lines. Data capture and operational risk reporting should be continuously enhanced and provide a feedback loop to enhance risk management policies, procedures and practices.
- Control & Mitigation improve the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities. Assess operational risk response strategies. Validate risk transfer options.

**Technical & Behavioral Competencies**

**Essential**
- Demonstrated passion towards uncovering control weaknesses in processes and technology.
- Results-oriented and strong teammate with excellent analytical, problem solving skills. Outstanding presentation, written and verbal communication skills.
- Knowledge of compliance standards like CIS, NIST and GDPR. With high level knowledge of secure development practices and standards such as OWASP.
- Proficiency in concepts related to network infrastructures, information system security including emerging threats and attacks methodologies, in particular:

Network security, network equipment configuration, network protocols, network standards, supervision, "Conceptual Skills," "Decision Making," "Informing Others," functional and technical expertise, reliability, information security policy.
- Recognized skills for the integration of different security or data protection technologies within a coherent architecture to effectively cover the risks of the company.
- Good technical understanding of security technologies, including intrusio



  • Mumbai, Maharashtra, India BNP Paribas Full time ₹ 5,00,000 - ₹ 10,00,000 per year

    Position PurposeRISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network.Under the...


  • Mumbai, India BNP Paribas Full time

    Position Purpose RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organised, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network. Under the...


  • Mumbai, Maharashtra, India BNP Paribas Full time ₹ 9,00,000 - ₹ 12,00,000 per year

    Position PurposeThe position, which is located which is located within the independent control testing team dedicated to APAC activities, provides support to RISK ORM APAC and specifically to the RISK ORM COO Office, Platforms and Territories (COOPT) team in relation to the following key elements:Contributes in the framework of the associated Governance...

  • Risk Officer

    2 weeks ago


    Mumbai, India SAMCO Asset Management Company Full time

    **Designation**: - Risk Officer **Reporting To**: - The CEO **Main Purpose of job**: - The role of the Risk personnel will encompass the analysis and reporting of risks in the following areas: 1. Investment risk Management 2. Credit Risk Monitoring 3. Operational risk management 4. Business Risk Management **Key Accountabilities: - ** The Risk...


  • Malad, Mumbai, Maharashtra, India Eway IT Solutions Full time

    **Job description: -** - Conducting compliance risk assessment training workshops - Conducting internal reviews and audits - Conducting environmental audits to ensure the company meets environmental requirements - Advising internal management and business partners on the implementation of compliance programs - Developing risk management strategies -...

  • Chief Risk Officer

    2 weeks ago


    Mumbai, Maharashtra, India Talent Leads HR Solutions Full time

    CRITICAL EXPERIENCE 8 years experience in Enterprise Risk Management Candidate would be responsible for mitigating those business risks that can impact a firms profitability This professional will also deal with enterprise risk management issues reducing those risks that can shut down operations Chief Risk Officer has to work through department managers...

  • Internal Auditor

    2 weeks ago


    Mumbai, Maharashtra, India Aliviar Risk Full time US$ 60,000 - US$ 1,20,000 per year

    The Internal Auditor will be responsible for evaluating financial and operational controls, ensuring compliance with regulations, identifying risks, and recommending process improvements for our clients. This role is ideal for someone who thrives in a client-facing environment and has a passion for delivering insights that drive business value.Key...

  • Internal Auditor

    1 day ago


    Mumbai, India Aliviar Risk Full time

    The Internal Auditor will be responsible for evaluating financial and operational controls, ensuring compliance with regulations, identifying risks, and recommending process improvements for our clients. This role is ideal for someone who thrives in a client-facing environment and has a passion for delivering insights that drive business value. Key...

  • Chief Risk Officer

    6 days ago


    Mumbai, Maharashtra, India beBeeSenior Full time ₹ 1,04,000 - ₹ 1,30,878

    Drive Business Growth as a Senior ManagerWe are seeking an experienced Senior Manager to lead our team in driving business growth and mitigating risks. The ideal candidate will have a strong background in risk management, finance, and operations.Job Description:Perform operational risk assessments of financial services provided to clients.Share risks with...

  • IT Risk Officer

    2 weeks ago


    Mumbai, India BNP Paribas Full time

    IT RISK OFFICER - ITIP (JOB NUMBER: IT 001556) **About BNP Paribas Group**: BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks...