Team Member - IRM-SUPPORT SERVICES-Information Risk Management Team

As part of our Technology Risk team, you will be performing IT assessments (IT General Controls and IT Application Control testing). Working with Technology Risk team, you will also perform/ provide insights to IT Risk assessment, IT Governance, ERP reviews, Application control reviews, Cybersecurity reviews and conduct maturity assessment on the current IT posture.

• Prior experience in assessment, monitoring and reporting of the below technology risk domains (minimum 4 domains): -

• IT Risk Assessments
• SystemAcquisition & Lifecycle Management
• Problem Management (Change Management, IT Incident Management, Patch Management etc.)
• Resilience (BCP, DR, Backup & Recovery)
• Identity & Access Management
• Physical & Environmental Controls
• Third Party Management
• Capacity Management
• Logging and Monitoring

• Conduct technology reviews (performance, capacity, change etc.) and design reviews of new applications/enhancement in existing applications, APIs, infrastructure and identify design gaps.
• Provide recommendations for identifying and measuring key control indicators and key performance indicators in technology domains to assess and review performance of critical systems and applications.
• Prepare dashboards for management review.
• Review technical incidents and discuss and conclude root-cause ananlysis (RCA). Provide recommendation or suggestion to product/application team to avoid recurrence of the incident.
• Help verify the risks identified by IT stakeholders through self-assessment and discuss the findings with the internal stakeholders.
• Timely follow-up of open issues and observations flagged by internal audit, external audit, and regulators
• Identify technology risk on an ongoing basis for existing and new processes and products, or changes contemplated to existing products and processes.

• Bachelor's degree in any discipline.
• 8-12 years work experience in IT risk management.
• Minimum 5 years experience in Application design reviews.
• 4-5 years experience of BFSI Industry would be preferred.
• Knowledge of ITIL, ITSM, ISO27001, CoBIT, ITIL V3 would be preferable
• Knowledge of cloud services and cloud security controls would be preferable.
• Excellent communication skills (written and verbal) with an ability to explain complex topics to both technical and non-technical audiences
• Good analytical and presentation skills.