IT Security Governance Specialist

Job Objectives

The Security Governance Specialist role will support the Head of Security Governance in enhancing and maintaining the Security Governance within the Group Information Security(GIS) function in the Bank.

Key Responsibilities

This position will support senior Security Governance team members and work closely with various business, risk and technology stakeholders to:

. Proactively assess the compliance exposure to current and emerging security-related regulatory requirements and plan & track remediation efforts.

. Manage reverse third-party due diligence engagements related to GIS.

. Manage audit, assurance and regulatory engagements related to GIS including ongoing knowledge management on queries and request for information.

. Track and report against the technology KORI(Key Operational Risk Indicators)/KRIs and required security metrics.

. Execution of the GIS KRCSA (Key Risk and Control Self Assessments).

. Management policy, procedures and standards updates and control.

. Manage various GIS initiatives and duties as assigned.

Key Requirements

. Communicate effectively with a variety of internal and external teams and stakeholders.

. Capable of managing a variety of priorities and deliverables with minimal guidance or supervision.

. Ability to respond to any requests and issues on a timely basis.

Education

. Diploma/Degree in engineering/Computer Science / IT/Cyber Security from a recognized education institution.

. Professional Technology Risk Management/Cybersecurity related qualification will be favorable although not mandatory.

. Knowledge of industry best practices.

Technical Skills

. Overall experience 5+ years of experience.

. 2+ years of relevant experience in Security/IT governance disciplines.

. Have a strong security risk and analytical mindset in approaching situations and interactions with stakeholders.

. Effective negotiating skills and demonstrated sensitivity to working and interacting with stakeholders.

. Good knowledge of Security concepts and practices.

. Good knowledge of Security related guidelines and advisories from regulators.

. Good with numbers for use in metrics.

Soft Skills

. Good written and verbal communication skills and expertise in setting and managing stakeholder expectations.

. Process aware mindset.

. Strong analytical and problem-solving skills.

. Effective time management and organizational skills.

. Strong team player.

. Able to work independently with minimal supervision.

. High degree of attention to detail and discipline on tracking and managing the closure of identified gaps and issues.

. Willing to learn quickly.