Risk and Security Analyst
Abu Dhabi, United Arab Emirates
Atribs Metscon Group
Founded in the bustling metropolis of Dubai in 2004, Atribs Metscon Group stands as a beacon of innovation and excellence in the realm of technology and business solutions. For over two decades, we have been dedicated to empowering enterprises...Accountabilities and Responsibilities:
- Risk Management
- Manage the closure of outstanding IT audit issues (TRAP) and respective corrective actions.
- Support the Risk function in managing BCP, BIA, and DR capabilities.
- Assist in the creation and updates of RCSAs and periodic control tests.
- Proactively drive improvement in the risk profile of the Bank through the application of robust risk management techniques, working with stakeholders across the Technology Services organization.
- Manage the closure of outstanding IT audit issues (TRAP) and respective corrective actions.
- Release Management
- Ensure that release management tasks in the IT function are conducted to high standards, managing risk comprehensively and effectively.
- Ensure resilience and timely delivery of releases to production.
- Ensure that release management tasks in the IT function are conducted to high standards, managing risk comprehensively and effectively.
- Control Functions
- Verify that change requests are submitted for weekend implementations and oversee the effective governance of change control meetings.
- Develop and maintain IT procedures to document risk and control processes.
- Monitor the implementation of IT control test plans and coordinate with Operational Risk to prepare risk reporting.
- Liaise with Operational Risk and Information Security to perform control tests, support reporting of findings, and track corrective action plans.
- Verify that change requests are submitted for weekend implementations and oversee the effective governance of change control meetings.
- Communication
- Support the preparation of risk and control reports and documentation as required by senior management.
- Ensure timely progress updates to Internal Audit, Information Security, and GBS stakeholders regarding outstanding risk issues.
- Support the preparation of risk and control reports and documentation as required by senior management.
- Operational Resilience
- Define and drive the agenda to deliver policies, procedures, and techniques to support operational resiliency across the Bank's technology.
- Facilitate BIAs within IT to identify critical processes.
- Support comprehensive and effective incident management processes.
- Identify process risks and gaps in compliance for IT testing and resiliency and address them to prevent incidents.
- Support, drive, and execute strong governance in the usage of cloud technologies.
- Define and drive the agenda to deliver policies, procedures, and techniques to support operational resiliency across the Bank's technology.
- Other Accountabilities
- Develop UAE Nationals and support the Bank's Emiratization agenda as directed by Senior Management.
- Undertake similar or related tasks and duties as directed by Senior Management.
- Develop UAE Nationals and support the Bank's Emiratization agenda as directed by Senior Management.
Experience, Qualifications & Competencies:
Minimum Experience
- At least 6 years of experience in an IT banking background, with at least 4 years in IT Security, IT Risk, or Information Security.
- Working knowledge and experience in Banking Operations, Capital Markets, Corporate Banking, and technology-related risk issues.
- Ability to prioritize and manage multiple tasks simultaneously.
Minimum Qualifications
- A university degree in a technical STEM subject.
- A postgraduate degree in a STEM subject is desirable.
Professional Qualifications
- CISSP, CRISC, CCSK, CCSP, ISO, and SANS certifications.
Knowledge and Skills
- Expertise in Technology Risk Management and Security Risk Management.
- Familiarity with globally recognized security risk and technology risk management standards and techniques.
- Knowledge in Cloud Security Risk Management, DevOps/DevSecOps, and Security Operations.
- Strong understanding of Third-Party Risk Management and Security Architecture/Enterprise Architecture/Risk Architecture.
- Proficiency in Technology Governance and Technology Compliance/Security Compliance.
Requirements
Core Competencies
- Ability to design and provide advisory on solution quality technology controls techniques.
- Strong written and verbal communication skills in English; Arabic is an advantage.
- Strong influencing, stakeholder management, persuasion, and negotiation skills.
- Excellent interpersonal skills.
- Strong experience in managing, coaching teams, and building high-performing teams.
- Leadership skills in a service and results-oriented culture.
- Strong planning, execution, analytical, and time management skills.
- Ability to build partnerships and interact with all organizational levels.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
7
0
0
Categories:
Analyst Jobs
Compliance Jobs
Tags: Audits Banking CCSK CCSP CISSP Cloud Compliance CRISC DevOps DevSecOps Governance Risk management SANS STEM
Region:
Middle East
Country:
United Arab Emirates
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsInformation Security Manager jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSecurity Specialist jobsCyber Security Specialist jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsIT Security Analyst jobsSystems Engineer jobsStaff Security Engineer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Product Security Engineer jobsSystems Administrator jobsCyber Security Architect jobsSecurity Operations Analyst jobs
CI/CD jobsMalware jobsSaaS jobsForensics jobsEDR jobsSDLC jobsEncryption jobsIDS jobsBash jobsSplunk jobsTop Secret jobsIPS jobsRMF jobsOWASP jobsIntrusion detection jobsSQL jobsThreat detection jobsCompTIA jobsFinance jobsDocker jobsDoDD 8570 jobsITIL jobsCRISC jobsActive Directory jobsGIAC jobs
VPN jobsHIPAA jobsTCP/IP jobsMITRE ATT&CK jobsTerraform jobsOSCP jobsUNIX jobsIT infrastructure jobsBanking jobsClearance Required jobsSANS jobsPolygraph jobsJavaScript jobsDNS jobsCISO jobsSOX jobsSOC 2 jobsAnsible jobsCCSP jobsJira jobsData Analytics jobsSOAR jobsIndustrial jobsCyber defense jobsGCIH jobs