Technology Risk & Compliance Specialist at Absa Bank Limited
Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance.
Reporting to the Head of Technology Risk and Compliance, the role holder is responsible for ensuring that specific IT risk controls and solutions are applied and that they comply with the Technology Key Risk policy and standards, and consequently meets the businesses requirement and safeguards the Banks reputation.
IT Risk Identification and Control Assessment
- Assist in conducting effective local risk assessments to assess all new IT systems or Processes, clearly identifying the risks and issues and the controls and measures required to mitigate those risks / issues.
- Review and identify new risks that may be introduced into the business by any proposed change to IT Systems or Processes
- Assist in undertaking local 3rd Party Due Diligence for critical IT Vendors and Service Providers
- Conduct IT Security Controls Snap checks (CSA)and monitor IT Security activities e.g. application & system controls, physical and logical access security controls, review of disaster recovery and back-up procedures, media storage
- Report on the compliance levels and provide comprehensive MI reorting
- Follow-up on any IT Security weaknesses identified and put in place effective measures to safeguard the bank’s IT resources, information and reputation.
- Plan and take responsibility for the overall IT DR objectives of Kenya Technology
- Agree and manage IT DR deliverables with internal and external customers/role players
- In liaison with the technical teams, ensure recovery procedures/ processes (SRPs/TRIs) for all systems are documented and readily available
- Keep monthly BCE statistics and data to be provided in MI reporting to senior management and stakeholders
- Capture/analyse and draft information into meaningful MI reports for senior management, stakeholders, team reporting and presentation purposes
- Present findings and conclusions together with recommendations after IT DR tests
- To engage collaboratively with BCM stakeholders to ensure appropriate prioritisation of BCM system tiers
- Ensure all technology solutions have a working DR before deployment Demand pipeline management.
- Guide and govern suppliers for project related activities ensuring they understand and adopt Bank agreed standards and architectures along with adhering to policy and procedures.
- To work across all in-Country functions and to act as an interface point between ITSCM and Country BCM team
Key Risk Monitoring
- Assist in setting and measuring technology risk thresholds and the related key indicators.
- Ensure roles & responsibilities are defined and agreed for metric collation and ownership
- Ensure that Key Risk Indicators are monitored by Technology Senior Management, reasons for out of threshold indicators are defined and remediation is actively monitored.
- Ensure alignment of KRI position and CSA results
- Review major incidents (severity 1, 2 and 3), identify root cause ito control objectives and ensure consistency with CSA
- In conjunction with the Group Key Risk Owner, Operational Risk management and the central Technology Risk team define the loss / risk appetite for the country.
- Analyze TKR loss data and conclude on required actions to prevent exceeding loss budget
- Ensure that loss events are correctly attributed to TKR where applicable.
- Ensure action owners compile their own closures and define ongoing management controls
- Ensure that defined action plans are agreed with the responsible assurance providers and trackers are defined detailing actions, sub actions, deliverables, evidence, control maturity and action owners.
- Provide regular status update report to senior management commensurate with item status (at risk, on track, overdue)
- Ensure that all high/medium risk projects in the area are identified and RAG status from a risk perspective is tracked
- Ensure that ORIAs are completed, required actions taken and operational risks being migrated into production are defined, understood, accepted (RFNC) and remediation planned for all high/medium risk projects
- Ensure that high probability and high impact items on top project risk logs have adequate remedial actions defined.
- Be involved in project assurance reviews, as managed by the central project assurance team, where required.
Accountability: People Management
- Responsible for driving own Performance Development, collating relevant documentation, preparing for and arranging reviews.
- By utilizing skills matrix, identify training and development requirements, formulating own plan to be agreed with team leader.
- Responsible for ensuring own plan is completed within agreed timescales.
- Undertake all necessary training in order to perform the role to the required standards, including gaining accreditation where appropriate.
- Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Wide Risk Management Framework and internal Absa Policies and Policy Standards.
- Understand and manage risks and risk events (incidents) relevant to the role.
Knowledge& Skills: (Maximum of 6)
- Stakeholder Management Skills (Advanced)
- Analytical Skills (Advanced)
- Knowledge of Principles and Practices (Advanced)
- Knowledge of project management best practices (Advanced)
- Knowledge of banking and IT practices (Solid)
Competencies: (Maximum of 8 competencies)
- Deciding and initiating action
- Learning and researching
- Entrepreneurial and commercial thinking
- Relating and networking
- Adapting and responding to change
- Persuading and influencing
- Creating and innovating
Knowledge, Expertise and Experience
- B-degree, Commerce or a relevant banking or business degree or an Matric equivalent qualification or High Level diploma
- CISA/CRISK/CISM Certification
- Degree level education in an analytical subject would be beneficial
- 4 years’ experience and exposure to the Banking/ ICT Industry
- Displaying a thorough understanding of technology strategic issues in the banking or financial services sector
- A confident and motivated leader, with proven experience in motivating regional and global teams in a challenging, high pressure environment
- Good understanding of ITIL processes and associated concepts.
- High degree of commercial awareness with sound understanding of key contractual obligations and risks to maximize benefits
- Strong customer liaison and relationship management skills
- Excellent communication and presentation experience;
- Must be able to work under pressure, take clear ownership of issues and projects and drive to ensure a successful closure for the customer, peers and IT Production;
- Financial management – budget preparation and managing to budget;
- Working within a Global or Regional role
- Familiarity with ITIL-style management procedures and mainstream project management styles a distinct advantage;
- Experience of financial services preferred;
Higher Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)
The post Technology Risk & Compliance Specialist at Absa Bank Limited appeared first on Jobs in Kenya – http://jobcenterkenya.com/.