Job Purpose
Reporting to the Head of Risk & Compliance, the IT Risk Officer will be responsible for providing continuous independent risk management oversight on the Bank’s Technology investments and Information Security framework with regard to confidentiality, integrity, and availability of the IT infrastructure, processing systems, and related resources in line with the Bank’s Information Security and Risk Management policy.
Key Responsibilities
Assessing the risks and exposures related to cyber security and determining whether they are aligned to the institution’s risk appetite.
Monitoring current and emerging risks and changes to laws and regulations.
Collaborating with system administrators and others charged with safeguarding the information assets of the institution to ensure appropriate control design.
Maintaining comprehensive cyber risk registers.
Ensuring implementation of the cyber and information risk management strategy.
Safeguarding the confidentiality, integrity and availability of information.
Ensuring that a comprehensive inventory of IT assets is established and maintained.
Quantifying the potential impact by assessing the residual cyber risk and considering risks that need to be addressed through insurance as a way of transferring cyber risk.
Reporting all enterprise risks consistently and comprehensively to the Board to enable the comparison of all risks equally in ensuring that they are prioritized correctly.
Conduct red team exercises (accurate simulation of cyber-crime attacks).
Ethical hacking
