This job is expired
Bidvest Bank

IT Risk Manager at Bidvest Bank

  • R Undisclosed
  • Permanent Management position
  • Sandown
  • Posted 15 Nov 2022 by Bidvest Bank
  • Job 2488863

About the position

To facilitate and monitor the adequate and effective management of Information Technology (IT) Risk Management throughout the Bank as second line of defense.
Responsible for the identification, measurement, control and minimisation of loss associated with risks throughout the IT environment. The development, documentation, implementation and monitoring of the Bank's IT Risk Management Framework and the IT Risk Management Policy.
Stay abreast of best practices and regulations from an IT Risk Management perspective and provide advice and/or guidance with respect to IT Risk Management practices.

RESPONSIBILITIES

FINANCE
Cost Management

  • Reduce operating cost through process efficiency and innovation where possible

CUSTOMER CENTRICITY
Service Excellence

  • Establish and continuously maintain positive relationships with members of all Departments/Business Units within the Bank.
  • Establish and maintain a positive presence of the IT Risk Management function within the Bank by fostering constructive professional relationships with all staff members
  • Build and maintain solid and good relationships with External Regulators and Auditors.

OPERATIONAL EXCELLENCE
Internal Processes

  • Identify risks which might occur within the environment through continuous interaction with the relevant Departments/Business Units within the Bank and follow-up with regards to IT Risk assessments performed.
  • Review and report on the completed IT Risk assessments and provide recommendations where required from an IT Risk Management perspective.
  • Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, Information Security/Cyber Security breaches and/or malicious attacks.
  • Identify vulnerabilities or weaknesses in systems and propose remediation plans where required. The progress made with regards to the proposed remediation plans to be tracked until such time that the associated risks and/or threats have been addressed/mitigated or Management accepted.
  • Evaluate IT Policies, processes and procedures for completeness and recommend any amendments and/or improvements where required.
  • Ensure that controls are adequate to protect sensitive information systems within the environment.
  • Clearly document and define risks and potential impacts along with the statistical probability of such an event occurring and identify systems affected by the defined risk/s.

Risk Assessments

  • Conduct and manage ongoing IT Risk reviews at Departmental and/or Business Unit level in line with the pre-defined IT Risk Coverage Plan.
  • Facilitate and/or manage IT Risk assessments conducted of Departments/Business Units within the Bank.
  • Recommend to Management and facilitate the implementation of practical and value-add mitigating strategies based on the results of IT Risk assessments performed.

IT Risk Management Framework and Policy

  • Establish, review and obtain approval of the IT Risk Management Framework and Policy - which is to be reviewed and approved annually by the Risk and Capital Management Committee (RCMC).

IT Risk Coverage Plan

  • Ongoing review and update of the IT Risk Coverage Plan for the IT Risk Department.

Risk Register

  • Maintain the Bank's risk register for the IT Department in Cherwell from an IT Risk perspective.

Reporting
Preparation of the following reporting:

  • IT Risk Management Input for Risk EXCO (Monthly).
  • IT Risk Management Report (Quarterly).
  • Key Risk Indicator (KRI) Reporting for the IT Department (Quarterly).
  • IT Risk and Cyber Security Committee minutes, which includes the review and distribution of the Committee agenda and action item list to the Committee members.
  • Operational Risk Committee Dashboard for the IT Department (Quarterly).
  • Risk Data Aggregation and Risk Reporting (RDARR) reporting (When Required).

Business Continuity Management and Disaster Recovery Planning

  • Participation in all Business Continuity and Disaster Recovery tests from an IT Risk perspective.
  • Review and update of the IT Business Impact Analysis for the IT Department (Quarterly) in collaboration with the IT Management team.
  • Review and update of the risk register with any IT related risks following a Business Continuity or Disaster Recovery test following a discussion with the Chief Information Officer (CIO) and the Chief Risk Officer (CRO) - followed by written confirmation.

Principles of sound IT Risk Management

  • Facilitate the implementation and embedding of the principles of sound IT Risk Management throughout the Bank as set out in the Bank's IT Risk Management Framework.

Key Risk Indicator Framework

  • Facilitate the implementation and ongoing review and monitoring of the Key Risk Indicator (KRI) Framework for the IT Department in collaboration with the IT Management team

IT Risk Appetite and Risk Tolerance

  • Assist in recommending the overall risk appetite and risk tolerances for IT Risk in collaboration with the CRO to the RCMC.

Information Security Awareness

  • The review, update and annual approval of the Bank's Information Security Awareness Strategy in collaboration with the CIO and the Chief Information Security Officer (CISO).
  • Provide input into the monthly Information Security Awareness newsletters which are sent to all the Bank's employees in collaboration with the CISO.

Committees/Meetings Attendance

  • IT Risk and Cyber Security Committee
  • Banking Association of South Africa (BASA) IT Risk Task Group.
  • Testing Governance Committee.
  • Operational Risk Committee
  • Data Governance Council.
  • SABRIC Steering Committee (when required, as the Committee is attended by the CISO on behalf of the Bank).
  • Regular IT Risk feedback meetings with the CRO, CIO, IT Management and Line Management within the Bank

Risk Data Aggregation and Risk Reporting (RDARR)

  • Assist with RDARR project work from an IT Risk perspective when required.

REQUIREMENTS

Qualifications

  • Bachelor of Commerce Degree

Experience

  • 3 to 5 years IT Risk experience within the Banking industry.

Knowledge, Skills and Abilities Required

  • Excellent written and verbal communication skills.
  • Computer literate, with intermediate-level Word, Excel and PowerPoint processing skills.
  • Analytical and problem-solving skills.
  • IT and Business acumen.

Inter-personal and other qualities such as:

  • Self-starter and take initiative
  • Continuous improvement of day-to-day tasks and deliverables.
  • Innovative with attention to detail.
  • Self-motivated and performance driven with positive and constructive interaction with direct and indirect staff members within the Bank.
  • Knowledgeable in IT Risk Governance.
  • Strong understanding of regulations relating to IT Risk.

WORKING CONDITIONS
Sandton Corporate Office with the ability to work from home with ad-hoc travel when required.

Desired Skills:

  • Information Technology
  • Banking
  • Risk Reporting
  • Risk Management


Job expired on 2022/11/22
