Role/ Job Title: Senior Specialist - IT Governance & Compliance (IT Operational Risk Management)
Function/ Department: Information Technology
Roles & Responsibilities:
- Review of Policies, Product Notes, Product notes / Standard Operating Procedures from Operational Risk perspective and documentation of risk register for banking channels/products for e.g. Internet banking, Mobile Banking, UPI, Corporate Internet Banking, ENACH, E-Toll, SMS, IVR Banking etc. and IT & ISG
- Control Self testing to be conducted, to evaluate efficiency of controls claimed as per the Risk and Control Matrix.
- Identification and monitoring of Key Risk Indicators (KRI s) for units ensuring that deteriorating KRIs are tracked for resolution and remedial measures for getting back to acceptable levels.
- Tracking & Monitoring of Incidents reported, corrective/preventive actions taken in timely manner by assigned units for e.g. Digital banking units, IT and ISG. Investigating the same and assuring that necessary corrective action and preventive action are provided by the unit before finalizing the same with the ORM team.
- Review of the action points implemented and leading the remediation of the Audit observations to closure whereby the controls implemented stand the test of review and avoidance of recurrence.
- Defining, implementing and functionalizing a Risk Management Frameworks and Programs in collaboration with various stake holders.
- Strengthen Operational Risk Framework and ensure implementation and governance process through periodic MIS and engagements with stake holders on remedial plans.
- Help and train stakeholders in ensuring adherence to Operational Risk Frameworks.
- Senior Management reporting work such as preparation of presentations, minutes of meeting etc.
- Excellent written and verbal communications skills.
Required Skills:
- Technical, functional knowledge and experience of working in risk team and have relevant experience of working in Banking channels for e.g. Internet Banking & Mobile banking, UPI etc and IT and ISG areas.
- Shall have good knowledge and experience of Information Technology (IT) applications and IT/Information Security risks and controls review.
- Shall have good knowledge and understanding of Third party/vendor involvement and various fintech models involved in digital banking space.
- Ability to drive periodic updates to senior management and remediation programs in line with Risk Management Practices
- Ability to Drive Remediation Programs on corrective Action plans in a timely manner through effective governance.
Education Qualification (Fulltime):
Graduation: Bachelor of Technology - B.Tech, Bachelor of Computer Applications - BCA, Bachelor of Engineering - BE, Bachelor of Science - B.Sc
Post-graduation: Master of Technology - M.Tech, Master of Computer Applications - MCA, Master of Business Administration - MBA, Master of Science - M.Sc
Good To Have Certifications:
Preferred Certifications: CISA, ISO27001/002 (ISMS), ISO22301(BCMS), CISM, CRISC , PMP
Experience:
Minimum of 10+ Years in IT ORM Information Technology (IT) applications risks and controls review.