Responsibilities 

• RCSA Facilitation and Coordination: Facilitate and coordinate the Risk Control Self-Assessment process for technology teams, ensuring the timely completion of risk assessments, control testing, and issue management activities.
• Subject Matter Expertise: Serve as a subject matter expert on RCSA methodologies, frameworks, and best practices. Provide guidance and support to technology teams in understanding and implementing the RCSA process effectively.
• Risk Identification and Assessment: Collaborate with technology teams to identify and assess technology-related risks, ensuring comprehensive coverage of all relevant risk areas. Help teams develop and implement appropriate risk mitigation strategies.
• Stakeholder Engagement: Collaborate with various stakeholders, including technology teams, risk management functions, internal audit, and compliance, to facilitate effective communication and alignment throughout the RCSA process.
• Training and Awareness: Develop and deliver training programs and workshops to enhance technology teams’ understanding of the RCSA process, risk management concepts, and control frameworks.
• Reporting and Documentation: Prepare comprehensive reports and documentation summarizing RCSA findings, risk assessments, control testing results, and issue status. Present findings and recommendations to senior management and relevant committees.

Essential Qualifications:
 

• Minimum of 15 years of experience in technology risk management, preferably with a focus on RCSA facilitation and support in BFSI
• Strong knowledge and experience in risk control self-assessment methodologies, risk frameworks, and technology risk management practices.
• Excellent facilitation and coordination skills, with the ability to engage and guide cross-functional teams effectively.
• In-depth understanding of technology infrastructure, systems, and emerging technology trends.
• Strong analytical and problem-solving abilities, with keen attention to detail.
• Effective communication and stakeholder management skills, with the ability to build relationships and influence at all levels of the organization.
• . Demonstrated knowledge of Technology and Security risk framework – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards
• Professional certifications such as CISA, CISSP, CRISC, or equivalent are highly desirable.
• Bachelor’s degree in Computer Science, Information Systems, or a related field. Advanced degree preferred.