Head of Service- Technology GRC- International Oversight

Head of Service- Technology GRC- International OversightFull-timeDivision: GCOOJoin the UAE’s largest bank and one of the world’s largest and safest financial institutions. Our focus is to create value for our employees, customers, shareholders and communities to grow through differentiation, agility and innovation. We are looking for top talent and your success is our success. Accelerate your growth as you help us reach our goals and advance your career. Be ready to make your mark a top company, in an exciting & dynamic industry.Key Accountabilities:Oversee the Tech-GRC domain for all international branches, reporting into the Head of Technology-GRC, and coordinating a team of regional managers to:GovernanceEstablish strong working relationships with international management and IT teams to ensure continuously improved Technology GRC practices.Ensure local branch IT operations and Tech-GRC practices and processes align with those of the Group.Create appropriate IT policy and process addenda where so required, incorporating local regulatory mandates.Establish and oversee IT-governance forums to ensure strategic, operational and risk alignment of international branches and Group.Provide sound IT-GRC advisory services to international teams, while demonstrating a strong understanding of various IT standards, frameworks and good practices.Establish checklists to carry out gap assessments of regional IT practices and controls against industry standards and IT-related regulations applicable to the financial sector.Define, monitor and report on IT-Risk & Governance KPIs and metrics in-line with IT objectivesEnsure vendor agreements supporting international technology services are in line with Bank’s IT policies, processes and standard, and regulatory mandates.Conduct annual process maturity assessment and benchmark of international branches against industry standardPrepare regular dashboards and reports for various working group and committee meetingsDemonstrate ability to manage stakeholders and a team remotely to drive prioritized results and transparency with regards to IT risk management and governance activitiesFacilitate external and regulatory audits and self-assessments.Regularly review local IT Service Level performance, collaborating with relevant teams on continuous improvement and annual refresh of SLAs Agreements.Facilitate and prepare for regular regional technology governance committees.Actively participate in relevant technology project committees to ensure adequate and timely governance and risk reviewsMaintain oversight of regional IT Incidents, ensuring timely reporting to risk and management functions.Risk Management and ControlUnderstand the overall risk profile of international branches and ensure that the risks are managed and prioritized properlyAct as a subject matter expert and create a first line of defence environment for the Bank’s International IT Operations with regards to IT risks and remediations.Support a culture of risk-awareness, transparency, integrity, and a platform of clear communication, escalation and trust.Ensure risk limit is in line with FAB risk appetite and compliance with Group ORM policy frameworkIdentify all material risks, including the risks associated with new or complex products, vendors/partners and high risk activities.Facilitate and oversee the collaboration of international branches with regards to the planning and execution of risk control self-assessments.Facilitate the development and execution of the regional technology assurance framework and programRegularly evaluate IT risks, and maintain continued awareness of the business and risk profiles and changes in the operating environment and financial markets that may give rise to emerging risks.Any excesses or exceptions to risk limit should be reported promptly to the senior management and risk committee for necessary actionEnsure completion and rectification of internal and external audit comments within target datesAssist in IT risk mitigation efforts, including the submission of relevant evidences to internal and external control/regulating bodies.Draft reports for an executive audience with regards to the mitigation, transfer and/or acceptance of IT risks.Provide accurate advice to executive management with regards to local regulatory risks and requirements, by indicating knowledge of local regulation and establishing strong rapport with local Compliance, Legal and Regulatory teams.Ensure due diligence of international cloud service providers and oversee ongoing cloud service providers security assessments.Evaluate cloud solutions provided to international locations and determine risk of technology architecture, implementation, and suitability for the organization.Ensure cloud service providers contracts are compliant to Group policies/processes and relevant controls are considered in the contract with cloud service providers.Assess the risk implications of digital innovation and its impact on technology risk profile of the bank. Provide recommendations to optimize the risks and ensure technology policy and process alignment.Support and maintain risk assessment capabilities to review and assess digital business models end to end.Work with business and technology teams to better understand digital business risk and facilitate a balance between the need to protect the organization and the need to optimize customer experience.Conduct in-depth technical security reviews, risk assessments, and architecture reviews for Cloud based technologies and solutions to ensure alignment with information security policies and technology guidelines.Provide risk management guidance and advice to technology teams on cloud technologies and digital solutionsLeadershipSupport assigned team with their ongoing professional development through constructive and regular feedbackEstablish common reporting structures and formats across international regionsEnsure assigned team workload is monitored for effective and time-efficient delivery and prioritization.Instil attention to detail to the deliverables of key stakeholders and team, while preparing deliverables, reports and communications appropriate to the targeted audience and stakeholders.Effectively and regularly align with key stakeholders across the international FAB circuit and Head Office.Establish clear targets and showcase continuous improvement through performance measurements.Foster a culture of knowledge-sharing, collaboration and personal accountability.Key Performance Indicators:Adherence to Tech GRC budget targetsParticipation in relevant service line specific EA community sessions to address the GRC requirementsCompletion of Risk and Control Self-Assessments as per the agreed scheduleRemediation of Technology GRC risk issues as per the established timelinesAdequately monitor and supervise remediation of Technology Service Line risk issues as per the agreed timelinesOntime completion of KRI reporting and GORM incident management reportsCompletion of regulatory reporting activities as per the timelinesAdherence to GRC automation initiatives implementation plansOntime completion of mandatory trainings and meeting certification requirementEnsure external audit and regulatory certifications are completed on time without non-compliance (such as PCI DSS and NESA)Coordinate with service lines to gather RFI’s and management response for GIA (Group Internal Audit’s) on time.Knowledge & Experience:13 or more years of working experience in IT Security, Risk and Governance practices.5+ years of experience working in leadership role IT Security, Risk and GovernanceEvidence of influencing senior stakeholders and dealing with external auditors and regulatorsExcellent interpersonal skills and good oral and written communication skillsGood understanding of process models in ISO and industry standards relating to IT Security, Risk and Governance.Good understanding of security and risk management in financial institutions.Good understanding of innovations / trends in IT and fintech in particularRecent experience in the governance of agile and other digital/innovation ways of workingGood experience of enforcing good governance across an outsourced IT resourcing model.Strong analytical capabilities and knowledge of related tools and processes. Proven ability to handle volume detail and summarize effectivelyExcellent knowledge all aspects of technology: infrastructure; operations, security, development, change/transformation, support, innovation, vendor management etc., and banking related processes especially risk management. Should have demonstrable experience of working in the majority of these domains.Good understanding of technology processes across a full service IT organization. Should have demonstrable experience in these areas.Good understanding of banking related environments – especially around high availability, data confidentiality, security etc.Good understanding of project management to drive the team to deliver to objectives and to oversight the division’s change governanceGood understanding of technology trends to keep the policies and procedures ahead of the curveGood knowledge in different IT process models (ITIL / ISO / COBIT etc.).High Performance attitude and track record to evidenceAdequate forward planning and implementation of improvement initiativesBudget and cost managementUtilization of resources – Effective utilization of staff to deliver planned and unplanned outcomes to agreed timelinesUser satisfaction – Feedback from business units and other IT teams on the collaborative support provided by the unitQuality – Availability of record of activities carried out by the unit, in compliance with quality assurance requirementsRisk management – Effective management of risks in the infrastructure operationsVendor management – Efficient use of outsourced vendor teams. Performance of vendors as per committed SLAsStaff development – Staff turnover, availability of skills, staff satisfaction, and talent managementSkills:Relationship and dispute managementLeadership, team management and coaching skillsStakeholder and influencing skillsBig picture thinker with attention to detailsExcellent interpersonal skills and good oral and written communication skills.Strong analytical skillsResource (time and people) management skills
#J-18808-Ljbffr

---