Job Description

Location
Doha, Qatar
Experience
5-11
Job Type
Recruitment


Responsible for identifying, assessing, and mitigating IT and digital risks that may impact the organization. This role will work closely with various teams to ensure the security and integrity of the organization's IT systems and data.


The IT Risk Officer will be responsible for conducting and challenging Root Cause Analyses (RCAs) for IT-related incidents, identifying controls and control gaps in digital processes, and supporting the bank's digital transformation initiatives. This role requires a proactive individual with a strong understanding of IT risk management and digital transformation.

Key Accountability Area

1. Conduct comprehensive risk assessments to identify, prioritize, and document IT and digital risks, including cyber threats, data breaches, and system failures.


2. Develop and implement detailed risk mitigation plans with specific actions to reduce or eliminate identified risks.


3. Identify, assess, and prioritize IT and digital risks, including cyber threats, data breaches, and system failures.


4. Develop and maintain a risk register to track and monitor risks.


5. Respond to Digital IT and risk incidents promptly and effectively, following established incident response procedures.


6. Investigate digital and IT incidents, contain the breach, and implement corrective actions to prevent future occurrences. Document incident response activities and conduct post-incident reviews to identify lessons learned.


7. Risks to IT Infrastructure, including Cloud, and other such sources, to be identified along with drivers and management actions recommended.


8. Review DevOps processes, developments, controls, and recommend actions thereof


9. Review the digital landscape of the bank from a risk perspective and recommend mitigations thereof.


10. Root Cause Analysis (RCA):Conduct and challenge RCAs for IT-related incidents to identify underlying issues and recommend corrective actions.


11. Control Identification:Identify and assess controls within digital processes, ensuring they are effective and aligned with the bank's risk management framework.


12. Control Gap Analysis:Identify control gaps in digital processes and recommend improvements to mitigate risks.


13. Digital Transformation Support:Collaborate with digital transformation teams to ensure IT risks are identified and managed effectively.


14. Conduct regular risk assessments to identify vulnerabilities and ensure compliance with security standards.


15. Plan and execute regular audits and assessments to evaluate the effectiveness of digital and IT controls, identify vulnerabilities, and recommend corrective actions.


16. Work closely with IT and Information Security to integrate security into system design, development, and operations. Provide guidance and support on security best practices.


17. In collaboration with IT and Information Security , Evaluate, select, configure, and maintain security tools such as firewalls, intrusion detection systems, and encryption solutions.


18. Work Closely with IT and Information Security to develop, implement, and maintain comprehensive security policies, procedures, and standards that align with industry best practices and regulatory requirements. Ensure that these policies are communicated and understood by all employees.


19. Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and industry trends.


20. Carry out additional tasks as assigned by the line manager, such as participating in IT security projects, conducting Information Security awareness training


21. Provide support and expertise on IT and Information security matters as needed.


22. Perform other tasks as required by Line Manager

Qualifications /

Education

Bachelor's degree in related discipline.

Years of Experience:

Minimum 6-8 years of experience in IT Ris

k

Preferred Professional

Certificates (if applicable)

ITIL (Information Technology Infrastructure Library)


and Certified Information Systems Auditor (CISA)












Skills
Information Technology, Proactive, Risk Assessment, Devops, Information Security, Accountability, Compliance, Itil, Strong Understanding, Cybersecurity, Trends