Risk and Security Analyst

Abu Dhabi, United Arab Emirates

Atribs Metscon Group

Founded in the bustling metropolis of Dubai in 2004, Atribs Metscon Group stands as a beacon of innovation and excellence in the realm of technology and business solutions. For over two decades, we have been dedicated to empowering enterprises...

View all jobs at Atribs Metscon Group

Apply now Apply later

Accountabilities and Responsibilities:

  1. Risk Management
    • Manage the closure of outstanding IT audit issues (TRAP) and respective corrective actions.
    • Support the Risk function in managing BCP, BIA, and DR capabilities.
    • Assist in the creation and updates of RCSAs and periodic control tests.
    • Proactively drive improvement in the risk profile of the Bank through the application of robust risk management techniques, working with stakeholders across the Technology Services organization.
  2. Release Management
    • Ensure that release management tasks in the IT function are conducted to high standards, managing risk comprehensively and effectively.
    • Ensure resilience and timely delivery of releases to production.
  3. Control Functions
    • Verify that change requests are submitted for weekend implementations and oversee the effective governance of change control meetings.
    • Develop and maintain IT procedures to document risk and control processes.
    • Monitor the implementation of IT control test plans and coordinate with Operational Risk to prepare risk reporting.
    • Liaise with Operational Risk and Information Security to perform control tests, support reporting of findings, and track corrective action plans.
  4. Communication
    • Support the preparation of risk and control reports and documentation as required by senior management.
    • Ensure timely progress updates to Internal Audit, Information Security, and GBS stakeholders regarding outstanding risk issues.
  5. Operational Resilience
    • Define and drive the agenda to deliver policies, procedures, and techniques to support operational resiliency across the Bank's technology.
    • Facilitate BIAs within IT to identify critical processes.
    • Support comprehensive and effective incident management processes.
    • Identify process risks and gaps in compliance for IT testing and resiliency and address them to prevent incidents.
    • Support, drive, and execute strong governance in the usage of cloud technologies.
  6. Other Accountabilities
    • Develop UAE Nationals and support the Bank's Emiratization agenda as directed by Senior Management.
    • Undertake similar or related tasks and duties as directed by Senior Management.

Experience, Qualifications & Competencies:

Minimum Experience

  • At least 6 years of experience in an IT banking background, with at least 4 years in IT Security, IT Risk, or Information Security.
  • Working knowledge and experience in Banking Operations, Capital Markets, Corporate Banking, and technology-related risk issues.
  • Ability to prioritize and manage multiple tasks simultaneously.

Minimum Qualifications

  • A university degree in a technical STEM subject.
  • A postgraduate degree in a STEM subject is desirable.

Professional Qualifications

  • CISSP, CRISC, CCSK, CCSP, ISO, and SANS certifications.

Knowledge and Skills

  • Expertise in Technology Risk Management and Security Risk Management.
  • Familiarity with globally recognized security risk and technology risk management standards and techniques.
  • Knowledge in Cloud Security Risk Management, DevOps/DevSecOps, and Security Operations.
  • Strong understanding of Third-Party Risk Management and Security Architecture/Enterprise Architecture/Risk Architecture.
  • Proficiency in Technology Governance and Technology Compliance/Security Compliance.

Requirements

Core Competencies

  • Ability to design and provide advisory on solution quality technology controls techniques.
  • Strong written and verbal communication skills in English; Arabic is an advantage.
  • Strong influencing, stakeholder management, persuasion, and negotiation skills.
  • Excellent interpersonal skills.
  • Strong experience in managing, coaching teams, and building high-performing teams.
  • Leadership skills in a service and results-oriented culture.
  • Strong planning, execution, analytical, and time management skills.
  • Ability to build partnerships and interact with all organizational levels.


Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  14  0  0

Tags: Audits Banking CCSK CCSP CISSP Cloud Compliance CRISC DevOps DevSecOps Governance Risk management SANS STEM

Region: Middle East

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.