Principal Analyst- Tech Risk – EA- Infra & Workplace Services Jobs in Abu Dhabi at bankfab
Title: Principal Analyst- Tech Risk – EA- Infra & Workplace Services
Location: Abu Dhabi
Addax Office Tower Reem Island, Abu Dhabi, United Arab Emirates
Sub Division: Group Technology
Now it’s your time to join the #1 bank in the Middle East and one of the most prestigious financial companies in the region. Shaking up the world of banking requires a lot of smarts and skill. We’re looking for the brightest and best to help us reach our goals and we’ll also help you reach yours. Your success is our success as you grow stronger in your career. Join us and leave a legacy of your own, as a pioneer in both the company and the industry.
The selected candidate will assist Head of IT GRC Infrastructure, Workplace & Enterprise Architecture to:
a) Provide advisory services to infrastructure IT Service Line with regards to best practices, compliance requirements and risk mitigation controls
b) Monitor the timely and appropriate remediation of IT risks and issues;
c) Maintain oversight of regulations, circulars and notifications relevant to IT operations and controls, and accordingly advise IT project and technical teams.
d) Prepare monthly reports covering risk findings, vulnerabilities, KPIs and KRIs across IT Infrastructure domain, to be communicated to Senior/Executive Management, while tracking related actions and decisions.
e) Create IT Control Governance & Compliance self-assessment checklists, share with infrastructure team, and regularly track related results and trends.
f) Ensure that appropriate risk and compliance inputs are shared timely with relevant parties when drafting Risk Acceptance Forms, Project Business Cases and Plans etc.
g) Provide overall remediation oversight of infrastructure IT vulnerabilities
Support activities related to the development, implementation and compliance oversight of IT Policy and processes, particularly those relating to infrastructure components and services.
Review and provide advice on the creation of IT Infrastructure SOPs.
Provide sound IT-GRC advisory services to Infrastructure teams, while demonstrating a strong understanding of various related IT standards, frameworks and good practices.
Establish checklists to carry out gap assessments of IT infrastructure and Enterprise Architecture processes and controls against industry standards, and IT-related regulations applicable to the financial sector.
Prepare regular dashboards and reports for various working group and committee meetings
Regularly review local IT Service Level performance of IT Infrastructure and Enterprise Architecture services, collaborating with relevant teams on continuous improvement.
Prepare content for regular technology governance and risk committees.
Actively participate in relevant technology project committees to ensure adequate and timely governance and risk reviews
Maintain oversight of infrastructure IT Incidents, ensuring timely root-cause-analysis reporting to risk and management functions.
Provide IT risk governance oversight and representation across Architectural Review Board and Change Management Board meetings.
Risk management and control
Understand the overall risk profile and ensure that the risks are managed and prioritized properly
Act as a subject matter expert and create a first line of defence environment for the Bank’s IT Infrastructure domain with regards to IT risks and remediations.
Update and maintain the risk register on designated system or records.
Facilitate and manage infrastructure technology risk control self assessments.
Maintain oversight of factors contributing to emerging risks (e.g. changes in business risk appetite, operating environment, regulations, risk trends in financial markets), including regular evaluation of risks.
Report promptly to line management any excesses or exceptions to risk limit, in order to take necessary action
Ensure completion and rectification of internal and external audit comments within target dates
Assist in IT risk mitigation efforts, including the submission of relevant evidences to internal and external control/regulating bodies.
Draft reports for an executive audience with regards to the mitigation, transfer and/or acceptance of IT risks.
Support in preparing risk dashboards and reports.
Bachelor’s degree, preferably in Information Technology, Engineering/Computing
Professional IT Audit Certification – E.g. CISA, ISO 20000 LA/LI, 27000 LA/LI
Professional IT Infrastructure and Enterprise Architecture Certification
Professional IT Security Certification – E.g. CISSP, CISM, ISO 27000 series LA/LI
Professional IT Service Management Certification – E.g. ITIL v3 Expert, ISO20000 LA
Professional IT-Governance Certification – E.g. COBIT5 Implementer, ISO like CISA and COBIT5 implementer
12+ years of experience in IT risk management, Security Operations and Infrastructure management roles
Strong understanding of IT Infrastructure technologies and architecture, incl. network management, system administration, database administration and security operations.
Strong understanding of Cloud platforms and deployment models
Strong track record in IT Assurance, IT Audit, IT Process Management
Strong understanding of application, system and database hardening techniques and practices
Prior experience in the banking sector
Prior experience of working with systems such as Archer, Jira, Service Now, or any other IT-GRC and Service Management platform.
Availability to work and support teams across different time zones
Ability to work with and drive results with remote teams.
Understanding of IT and Cloud best practices, methodologies and regulations.
Ability to translate IT risk concepts into a language that is meaningful to various audiences, including business and technical leaders.