IT Risk

Description:

Job Purposed:

Responsible for managing IT risks across services, systems, and processes. This role supports the organization in strengthening its risk management framework by evaluating control effectiveness, promoting risk awareness, ensuring compliance with enterprise standards, and enhancing resilience against operational disruptions.

Main Responsibilities:

1.Establish and implement IT Risk Management Policy Framework across IT Directorate while maintain alignment with Enterprise Risk Management Policy Framework.

2.Acting as L1,5 as a bridging between L2 (Risk & Compliance) and L3 (Internal and External Audit) to L1 (IT as Risk Owner) in 3 Lines of Defense model.

3.Conduct and facilitate Risk and Control Self-Assessments (RCSA) across IT services, systems, and processes to identify key risks and evaluate control effectiveness

4.Implement and oversee Business Continuity Management (BCM) policies within the IT Directorate to ensure resilience and continuity of critical IT services.

5.Facilitate internal and external audits for IT and security, serve as the primary liaison to ensure smooth audit execution and timely evidence collection.

6.Oversee IT improvement initiatives to enhance the organization’s risk posture and ensure compliance with enterprise standards.

Employment Status: Permanent (P)