- Establishment of technology risk management framework within the organization considering a fast-paced technology environment across the industry
- Provides strategic and tactical direction and consultation on technology strategy and planning, development, security and compliance.
- Helps to ensure a foundation in the governance and management of technology risk within a fast-paced technology environment.
- Oversee and manage technology risk within a fast-paced FinTech environment, ensuring that risks are managed appropriately, and with agility.
- Design, implement, and monitor healthy first line controls for technology whilst upholding the integrity of technology and operational risk within the risk appetite
- Support CTO in providing a focal point of managing technology risk, including the design of effective controls and the systematic monitoring of risks
- Works directly with the external and internal stakeholders to facilitate information security risk analysis
- Identify and assesses potential risk and opportunities of vulnerability in the network and on information technology infrastructure and applications.
- Identify, assess and manages security risk for multiple IT functional areas (e.g., applications, systems, network and/or Web) across the enterprise.
- Assist in developing security solutions for highly critical, vulnerable and complex applications/system/platforms
- Serves as a subject matter expert (SME) for performing vendor risk assessments to improve overall vendor risk posture.
- Monitors the legal and regulatory environment for potential threats for recent technological developments.
- Recommends, manages, and monitor implementation of required changes to IT risk & security policies and procedures.
- Maintaining and updating organization’s technology risk bucket on regular basis
- Communicates with multiple departments and levels of management in order to resolve existing and potential technology risk exposures of the company.
- Develops remediation strategies with relevant technology team to mitigate risks associated with the operation and protection of the technological infrastructure, information and assets.
- Provides periodic risk and security briefings to advise on critical issues that may affect the business.
- Conducts knowledge transfer training sessions to relevant technology team on technology risk management and potential vulnerabilities and opportunities on infrastructure development and security.
- Leads and reviews application security risk assessments for new or updated internal or third party applications.
- Conducts impact analysis on the existing and potential technological vulnerabilities at to ensure resources are adequately protected with proper security measures.
- Creates, disseminates and updates documentation of identified information security risks and controls.
- Periodic reporting on significant risk and vulnerabilities trends along with mitigation strategies
- At least 10 year(s)
- Age at least 33 years
- Post-graduation from reputed local or international university in technology, engineering and business discipline
- Candidate having CISA, CISSP and other professional certification will get more preference
- Minimum of 10 years of work experience in IT audit or IT risk advisory for a public and professional services firm, local or multinational organization
- Relevant consulting or industry experience, preferably in a professional services environment or MNC
- Project management skills, and able to manage concurrent engagements as a Team Lead
- Solid experience in technology and/or risk management
- Experience in managing, building, or adapting a risk management framework
- Experience in governance, risk management, or operational risk
- Experience in the three lines of defense risk model
- Ability to understand and overcome the differences in the technology risk governance of a fast paced technological environment
- A respectful and balanced attitude towards both risk management and business development
- Leadership, teamwork and client service skills
- Ability to demonstrated integrity within a professional environment
- Experience of coaching and developing junior team member
- Other Requirement:
- Maintains an up-to-date understanding of industry best practices.
- Excellent communication and organizational skills
- Strong analytical and problem-solving skills
- Strong drive to excel professionally, and to guide and motivate others
- Dedicated, innovative, resourceful, analytical and able to work under pressure
- Foster an efficient, innovative and team-oriented work environment
Anywhere in Bangladesh