Job Description
Company Introduction
Our client is a bank.
Job Responsibilities and Duties
- Identify, measure, analyse and report the material risks of the Group;
- Carrying out risk assessments, using defined processes for recognising potential risk factors, quantifying and documenting the likelihood of security and operational risk, and the impact on the business;
- Monitor and track incidents to ensure that in-scope information does not leave the Group and execute remediation efforts, in support of the Group’s Information Security and Data Protection programs;
- Preventing incidents specific to authorised data exfiltration through: external emails; print; external web uploads; removable media; and other novel exfiltration methods as they are identified;
- Analyse incidents/tickets generated and determine next steps in accordance with established processes and procedures;
- Partner with necessary teams to classify events and ensure execution of complete remediation solutions;
- Notify impacted parties in a timely and efficient manner as events occur, in accordance to established policy and procedures;
- Partner with necessary teams on initiatives aimed at improving overall processes and deliverables for Unit or Group initiatives;
- Promote Group awareness by developing training and education programs to cover Data Protection and Information Security;
- Report on monthly metrics to help identify and understand trends identified through reporting;
- Extend support to the various units at Risk especially in the areas of data extraction, risk aggregation, consolidated reporting, risk models and stress testing;
- Support the Bank’s Board of Directors in the formulation, review and dissemination of the Bank’s Risk appetite framework;
- Delivering of Presentations and Reports;
- Collaborating with Regulatory Bodies;
- Keeping up to date with Regulation.
Experience
- MQF Level 6 Qualification in Computing or Compliance or Risk discipline or related area or equivalent experience;
- Experience in working with highly sensitive information;
- Previous experience in the areas of Data Protection, Risk, Compliance, Data Analysis;
- A Certification or Course completion in the area of GDPR will be considered an asset.
Personal Skills
- Excellent written and spoken communication skills in English;
- Ability to work under pressure and unsupervised;
- Willingness to pursue appropriate certifications in areas related to the field;
- Team player and flexible;
- Strong knowledge in Microsoft Office.