Key Accountabilities:
· Implementing IT Risks Process responsible for implementing an overall IT risk management process for the IT department
· Participate in establishing and quantifying the IT department’s risk appetite based on the
Bank risk appetite i.e. the level of risk they are prepared to accept identified risks and ensuring the proper integration of IT Risk with business goals and objectives.
· Implementing the IT Control Monitoring and Maintenance system responsible for implementing the IT risks controls involving external risk reporting to stakeholders as well as maintaining and tracking IT controls within the control inventory as well as control issues and their remediation plans.
· Implementing the IT Risk Assessment responsible for executing the risk evaluation process which involves comparing estimated risks with criteria established by the bank such as costs legal requirements and environmental factors and evaluating the IT department previous handling of risks
· Monitoring and controlling IT risks responsible for participating in reporting for different audiences from different levels management business and individuals
· Raising the IT staff Risk Awareness responsible for providing support education and training to IT staff to build risk awareness within the IT department
· Participating in creating detailed process flows identifying gaps and or inconsistencies and make sound recommendations for improvement and/or migration.
· Identifying acceptable levels of residual risk and assist with action plans policy and procedural changes for risk avoidance and mitigation.
· Participate in developing the IT Risk Management responsible for maintaining IT risk metrics and reporting IT risk posture to IT management on a scheduled basis.
· Risk auditing and reviews preparation responsible for participating in assessing all IT areas for adherence to controls policy procedures and standards with respect to risk mitigation action plans. Follow up on deficiencies identified in monitoring reviews self-assessments automated assessments and internal and external audits to ensure appropriate remediation measures have been taken. Tracking risk mitigation steps (from self-assessments &
Internal Audit) and ensure that risks are remediated appropriately and in a timely manner.
· Developing Risk Mitigation Plans and Response Plans responsible for participating in leading IT teams efforts in developing the mitigation steps many have been identified in monitoring reviews self-assessments automated assessments and internal and external audits also collaborating with
Internal Audit and audit finding owners to ensure changes to the remediation plans are understood documented and tracked as well as assisting in implementing all aspects of the Technology Risk Management Program.
· Integrating Risk Management into software development life cycle responsible for reviewing the process for software development life cycle and identifying the gaps to ensure that proper integration of the Risk Management process controls
· Adhere to systems policies procedures and productivity standards.
· Participate in developing team strategic goals and define teams objectives.
· Maintain professional and technical knowledge and benchmark state-of-the-art practices
· Report the analytical daily statistics and recommend actions to resolve any issues that arise
· Perform daily operational activities and brings out issues and risks that may arise as a result of the process overflows.
· Comply with ADIB security policies.
· Comply with team SOP (policies and procedures)
· Presenting to IT Risk Manager headline stats and analysis with recommendations for changes on regular basis
And any other assigned tasks.
Minimum Qualifications:
· Bachelor Degree in Engineering Computer Science or Communication
· At least 4 years Information Technology experience and/or Risk Management disciplines preferable in the banking industry
· At least 2 years of experience in a similar managerial position
· Experience with IT Governance Risk and Compliance (IT GRC) tools
· CIA PMP CISSP CISA CRISC or CISM certification (is a plus)
apply from here 
