Job Description
Responsibilities
- RCSA Facilitation and Coordination: Facilitate and coordinate the Risk Control Self-Assessment process for technology teams, ensuring the timely completion of risk assessments, control testing, and issue management activities.
- Subject Matter Expertise: Serve as a subject matter expert on RCSA methodologies, frameworks, and best practices. Provide guidance and support to technology teams in understanding and implementing the RCSA process effectively.
- Risk Identification and Assessment: Collaborate with technology teams to identify and assess technology-related risks, ensuring comprehensive coverage of all relevant risk areas. Help teams develop and implement appropriate risk mitigation strategies.
- Stakeholder Engagement: Collaborate with various stakeholders, including technology teams, risk management functions, internal audit, and compliance, to facilitate effective communication and alignment throughout the RCSA process.
- Training and Awareness: Develop and deliver training programs and workshops to enhance technology teams’ understanding of the RCSA process, risk management concepts, and control frameworks.
- Reporting and Documentation: Prepare comprehensive reports and documentation summarizing RCSA findings, risk assessments, control testing results, and issue status. Present findings and recommendations to senior management and relevant committees.
Essential Qualifications:
- Minimum of 15 years of experience in technology risk management, preferably with a focus on RCSA facilitation and support in BFSI.
- Strong knowledge and experience in risk control self-assessment methodologies, risk frameworks, and technology risk management practices.
- Excellent facilitation and coordination skills, with the ability to engage and guide cross-functional teams effectively.
- In-depth understanding of technology infrastructure, systems, and emerging technology trends.
- Strong analytical and problem-solving abilities, with keen attention to detail.
- Effective communication and stakeholder management skills, with the ability to build relationships and influence at all levels of the organization.
- Demonstrated knowledge of Technology and Security risk frameworks – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards.
- Professional certifications such as CISA, CISSP, CRISC, or equivalent are highly desirable.
- Bachelor’s degree in Computer Science, Information Systems, or a related field. Advanced degree preferred.