Risk Reporting Specialist

Job Title: Risk Reporting Specialist Location: Remote Experience: 10 -15 Years Job Description The Risk Reporting specialist plays a critical role in ensuring effective risk visibility within the Information Security Group (ISG). This position focuses on streamlining the reporting process and leveraging data driven insights and performance tracking to contribute to the bank’s overall risk management strategy. The role involves conducting comprehensive risk analysis and assessments to identify and highlight key information security risks across the bank. The role will focus on developing, maintaining, and enhancing risk reporting frameworks along with driving the creation and tracking of information security risk register, metrics and monitoring Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs), and reporting on emerging risks to ensure timely and informed decision-making. Key Responsibilites A mid senior level officer with sound knowledge and expertise in information security risk management with experience of managing enterprise projects and of direct and in-direct relationship with senior and executive management. Strong experience and knowledge across the Information Security and Cyber Security domains including governance, policy procedures, compliance management, risk management and security incident response etc. Strong experience in Banking environment with strong understanding on key security frameworks such as ISO27001.XX, NIST 800.xx, PCI-DSS, SWIFT CSP, COBIT etc. Strong analytical skills with the ability to interpret complex data and translate it into actionable insights. Proficiency in data analysis tools (Excel, SQL, etc.) and data visualization platforms (Power BI, Tableau, etc.). Strong knowledge of data aggregation, analysis, and reporting techniques. Experience with reporting automation and process optimization tools Strong interpersonal, analytical, and technical skills with strong decision making and prioritization skills. Sound knowledge of evolving advanced tech stacks and related control and risk universe. Sound knowledge and expertise in conducting risk assessment. Have over 10+ years of rich experience in information security domain and at least 2-3 years of dedicated experience in one of the GRC domains (Policy, Governance and Culture, Cyber Strategy & Program Management and Risk and Compliance). Master’s degree in IT/Information Security Show more Show less