Position Summary

This role, as a second line-of-defence, is required to work with first line-of-defence functions to identify, assess, monitor and report key IT risks.

This role is also required to work closely with divisions/functions to understand and document controls and identify potential areas of improvement. Experience in IT and Cybersecurity Risk management is necessary, with good communication and written skills.

Key Responsibilities

• Support in the implementation and operation of the IT risk management framework, policies, processes, and procedures
• Assist in the identification, prioritisation, assessment, monitoring and reporting of key IT risks
• Conduct risk and controls self-assessment (RCSA), operational loss event reporting, assess risk control adequacy and effectiveness
• Monitor and report risk tolerances and key risk indicators
• Support incident risk management and escalation, IT risk-re...