AVP Tech Manager Apps Prog

Job Description

A senior professional who has at least 14-18 years experience in Internal Audit, IT Risk Management andor Information Security Management, preferably from ITITES industry andor Big 4 Audit Firms.The position will involve working closely with technology teams to assess the soundness of the control environment. The role will include understanding the operational risk within the functions, providing related risk assessment and acting as an advisor to the business on risk issues. GBAM Tech has large number of application(s) and platform(s) that undergoes periodic access review in order to comply with the access review requirement of The Bank. The role of the candidate is to work on multiple Identity and Access Management deliverables with stakeholders across the globe to ensure compliance to the Bank s policies and Identity and Access Management program requirements. The tasks include monitoring status of periodic access review completion and reporting violations, work with GIS ensuring revocation of accounts within agreed SLA, validate completeness and accuracy of user accounts, entitlements and associated permissions of Third Party application. Also this person has to work with app managers to understand the root cause of STR failures, handle aged revocations, toxic combination access remediation s etc.Responsibilities

• Enable strong operational risk management Identify, escalate & debate risks across business units.
• Partner with key Technology Managers to monitor and manage various risk and quality assurance programs across the firm.
• Partner with Technology Management audit to identify, document and report self-identified audit issues
• Work with application managers and risk leads of the Business Technology Group
• Build and maintain strong partnership with Business stakeholders and be responsible for Quality Delivery.
• Act as a lead of the team from BACI side
• Setup meetings with stakeholders, callout action items and follow-up pending items to closure.
• Be able to work on large data handling and publish weekly progress dashboard.
• Support technology teams in supporting firm-wide risk programs (i.e. delivering requested artefacts, verifying completeness accuracy)
• Periodic testing of key controls for critical functions and supporting gap remediation as needed.
• Support delivery teams on Issues management and Audit management.
• Support day to day relationship management and communications with business partners at various levels of the organization, as well as other Enterprise Control Functions (ECFs).
• Sound knowledge of Microsoft Office applications PowerPoint, Excel and Word and ability to work on these without any support.

Requirements Education: Master in Computer Application Bachelor of Technology Bachelor of Engineering.Certifications (Optional): CISA, CISM, CRISC, CISSP, ISO 27001Experience Range: 14 -18 yearsMandatory Skill:

• Solid understanding of a risk control framework (i.e., inherent risks, control procedures, residual risk, etc.)
• Deep subject matter knowledge: Understanding and experience on technology processes including:
• Software Development: Methodologies (SDLC, RAD, Agile, DevOps)
• SDLC Phases: Application Development, Application Maintenance and Production Support, Quality Assurance Testing etc.
• Infrastructure Management: Incident and Problem Management, Change Management, Server and Network services, End-user computing.
• Information Security and Business Continuity.
• Demonstrable IT Risk Management skills including experience in auditing of IT general controls.
• Risk Sensitive: Ability to identify and evaluate potential risks and appropriately identify and engage stakeholders for discussion, escalation and resolution. Strong analysis and fact-based decision making. Expected to look beyond the issue at hand and raise questions.
• Communication: Proven ability to communicate complex information in simple terms (oral and written). Influence horizontally and vertically across the organization and diverse audiences. Will work both independently and as part of a team and be expected to develop relationships with other Delivery, Control Function, Compliance and Risk groups.
• Research: Strong research skills, familiaritycomfort with multiple datainformation sources; ability to synthesize findings into a succinct summaryconclusion.
• Self-directed: Ability to prioritize work activity to maximize performance against agreed targets.
• Thorough knowledge of metrics based risk management.

Desired skills :

• Strong analytical skills
• A proactive approach to problem solving and think innovatively

,

Keyskills :
operationalrisk riskcontrol internalaudit managementaudit operationalriskmanagement iso27001 changemanagement stronganalyticalskills agileapplicationdevelopment networkservices itrisk itriskmanagement riskmanagement microsoftoffice informati