Conduct and coordinate IT Risk & Problem Management related activities in TOG.
Assist to establish and review the technology risk management policy, mechanism and tools of the Group with reference to Head Office and regulatory requirements.
Assist and monitor first line of defense in applying technology risk management tools in identifying, assessing, monitoring and controlling technology risk, and provide guidance on necessary mitigation measures.
Assist to prepare regular management reports on technology risk status of the Group.
Assess the adequacy and effectiveness of the controls from technology risk perspectives during due diligence of new and existing products/ service propositions and incident handling, provide advisory and recommendation on new technology solution of IT initiatives.
Coordinate technology risk related regulatory examinations and communication, conduct reviews to identify possible risks and provide recommendations to address the control weakness, and monitor the implementation progress of the remedial action(s)
Stopping repeating incidents and analyzing their business impact.
Ensure the specific technical skills required are provided to deliver an effective problem management function providing gap analysis and roadmap for improvement of service
Analyze problem reports and statistics to propose resolutions to reduce the number of incidents, by proactively identifying and preventing possible incidents
Ensure an effective and coordinated set of processes are maintained across all services, suppliers and customers
المهارات
Qualifications & Experience
Strong qualification in Information Security. Professional qualification/international certifications such as CISSP, CISA, and CISM, CRISC or equivalent are favorable.
Proficient in knowledge of the IT infrastructure (hardware, databases, operating systems, local area networks etc.) used within financial organization
Has a broad knowledge and understanding of IT concepts and architectures, coupled with proven experience of successfully managing incidents and problems
Has general awareness of the nature of business-critical incidents, and of their implications for the business