Support Risk Management and Supervision team [RMS] in charge of assessing the risk profile and the effectiveness of the information security risk systems of the Groups Business and Service Units.
Review IT risk self-assessments and follow -up the implementation of agreed risk remediation plan.
Proactively understanding existing/upcoming regulations.
Facilitating local compliance with information security policy as well as appropriate regulations/laws
Assisting in the development / changes to the ICT risk frameworks, a strong risk management culture and to be recognized for providing expert operational risk advice.
Partner with sr. stakeholders to proactively identify ICT risks and assess the adequacy of controls to manage such risks, including recommending enhanced or additional controls.
Proactive in identifying and following up on ICT anomalies / areas of concern.
Independently review, challenge and support information security activities. - Review the analyses conducted by the LOD1 (ORMs/CISO/BU-SU Program Managers etc.) on their information security risk profile and the related remediation actions
In response to material information security incidents, whether internal or external, conduct independent deep dive review of the preliminary, interim, and final incident investigation report and act as a challenge function to such reports.
Support information security reporting and monitoring of metrics and Key Risk Indicators (KRI) at the product line and divisional levels; continuously review existing body of KRI and related reporting.
Consult with internal groups such as CISO, Infrastructure, Compliance, Legal, and other Operations teams on matters related to information risk controls, self-assessments, security incidents and infrastructure projects security aspects.
Participate in the validation of the information security standards and standards applied by the BUs/SUs and the requested exceptions.
Profile required Support Risk Management and Supervision team [RMS] in charge of assessing the risk profile and the effectiveness of the information security risk systems of the Groups Business and Service Units.
Review IT risk self-assessments and follow -up the implementation of agreed risk remediation plan.
Proactively understanding existing/upcoming regulations.
Facilitating local compliance with information security policy as well as appropriate regulations/laws
Assisting in the development / changes to the ICT risk frameworks, a strong risk management culture and to be recognized for providing expert operational risk advice.
Partner with sr. stakeholders to proactively identify ICT risks and assess the adequacy of controls to manage such risks, including recommending enhanced or additional controls.
Proactive in identifying and following up on ICT anomalies / areas of concern.
Independently review, challenge and support information security activities. - Review the analyses conducted by the LOD1 (ORMs/CISO/BU-SU Program Managers etc.) on their information security risk profile and the related remediation actions
In response to material information security incidents, whether internal or external, conduct independent deep dive review of the preliminary, interim, and final incident investigation report and act as a challenge function to such reports.
Support information security reporting and monitoring of metrics and Key Risk Indicators (KRI) at the product line and divisional levels; continuously review existing body of KRI and related reporting.
Consult with internal groups such as CISO, Infrastructure, Compliance, Legal, and other Operations teams on matters related to information risk controls, self-assessments, security incidents and infrastructure projects security aspects.
Participate in the validation of the information security standards and standards applied by the BUs/SUs and the requested exceptions\