Senior Manager IS GRC-Risk Management&Reporting.Information Security Group-ISG

The Information Security Risk Management and Reporting Manager supports in formulating the overall risk management strategy and objectives for the bank&aposs information security function. This role involves aligning security risks with business goals, defining risk priorities, and establishing clear objectives to mitigate and manage risks effectively. The role will drive Information Security processes through enabling automation, designing & enabling solutions to automate risk management processes across the bank.), ensuring seamless integration, enhanced risk visibility, and streamlined reporting using advanced GRC tools.

• Risk Management Life-Cycle :
• Define risk lifecycle management process for the bank in alignment with ERM and ORM, and enable the same in ISG GRC solution to support the unit.
• Act as a trusted advisor to the Business when supporting risk-based decisions.
• Develop and implement, in collaboration with ERM and ORM, a Risk Appetite lifecycle framework to ensure continuous alignment with business needs, the internal and external threat landscape, and regulatory requirements.
• Assure Information Security exceptions are documented, effectively assessed and approved by respective risk owners and tracked for closure.
• Cyber Risk Management :
• Manage the organization's cyber risks by having a mechanism to identify the key cyber risk to the organization and documenting and reporting to effectively track for closure.
• Cyber Risk Quantification :
• Quantify the organization's cyber risks. Use qualitative or quantitative methods to assess the potential impact of cyber risks on the organization.
• Cyber Risk Register
• Develop and maintain a centralized risk register to ensure proper tracking and effective reporting of the identified risks.
• Ensure continuous updating to capture new risks, changes in risk status, and remediation progress, enabling informed decision-making and proactive risk management.
• Cyber Best Practice Sharing :
• Regularly share updates on the latest cybersecurity best practices.
• Encourage teams to incorporate these practices into their daily operations.
• Vendor Relationship Management :
• Serve as the main liaison between the organization and GRC solution vendors. Manage BRDs, contracts, licensing, and renewals, ensuring that services and tools meet the company's evolving needs and compliance requirements.
• IS GRC Solution Management :
• Be the business owner of the bank's GRC platform for ISG and oversee the management of the organization's IS GRC solution.
• Enable centralized knowledgebase and GRC solution to automate Information Security activities and governance process with a centralized risk register, risk reports, and dashboards related to overall risk posture for specific location and business unit.
• Ensure that the solution is effectively used to support the organization's information security governance, risk, and compliance activities.
• Support local CISOs / IS SPOCs in regulatory audit discussions and data required from ISG, and enable the local CISOs with Prism access to onboard the open issues for centralized tracking and governance.
• Serve as the main liaison between the organization and GRC solution vendors. Manage BRDs, contracts, licensing, and renewals, ensuring that services and tools meet the company's evolving needs and compliance requirements.
• Ensure that the GRC tools are properly configured to address the organization's specific risk, compliance, and audit requirements.
• Ensure the smooth operation of GRC solutions, including monitoring system performance, identifying issues, and implementing resolutions promptly
• Develop training materials and provide ongoing support for GRC platform users, ensuring they can effectively leverage the tools for risk and compliance activities.

General

The leading financial institution in MENA

While more than half a century old, we proudly think like a challenger, startup, and innovator

in banking and finance, powered by a diverse and dynamic team who put customers first.

Together, we pioneer key innovations and developments in banking and financial services.

Our mandate To help customers find their way to Rise Every Day, partnering with them through

the highs and lows to help them reach their goals and unlock their unique vision of success.

Delivering superior service to clients by leading with innovation, treating colleagues with dignity and fairness while pursuing opportunities that grow shareholders value.

We actively contribute to the community through responsible banking in our mission to inspire more people to Rise.

Show more

Show less

Skills Required

CSP, Risk Assessment, Cobit, Information Security, Iso27001, Cyber Security, Swift