Executive Director, India IT Risk Management
About IT Risk and Security Management:
- IT Risk and Security Management’s (ITRSM) purpose is to ensure the security and resiliency of the firm’s computing environment, protect customer and employee confidential information, and comply with regulatory requirements globally. We accomplish this through strong information security leadership and active collaboration with line of business information risk managers to provide high quality security solutions and services that are focused on improving the firm's risk posture.
Overall Responsibility:
- This role is responsible to establish and drive the IT Risk Framework, monitor compliance via metrics and escalate significant variances to Senior Management.
- The role will also ensure that local risk management and the local technology groups provide a consistent and effective implementation of control initiatives.
- The individual will assist the firm in identifying and monitoring Key Risk Indicators.
- This position will report to and act as a delegate to the India ITRSM Head. It will provide oversight to and coordination of all IT Risk initiatives in India, ensuring they are in line with the Global, Regional IT risk strategy with consideration of the location business needs.
- The individual will ensure that control implementations and solutions align with the business needs of the firm.
- The individual will be a delegate to the India ITRSM Head in management of the location IT Risk Leadership and will also be a delegate member of the regional and global IT Risk Leadership forums.
- The role will have IT risk management oversight of all Legal entities in India.
Key Areas of Responsibility:
- Support the India ITRSM Head in the development and implementation of the IT Risk
- Management Strategy for the location
- Ensure that all pertinent Information Risk and Control regulatory requirements and applicable internal policies are understood by Line of Business (LOB) clients, technologists, and IRM team members, and that these policies are implemented and monitored successfully
- Drive the IT Risk and Security Agenda for India by leading IT Risk programs and initiatives
- Participate in global / regional IT Risk and Security Management activities, and lead specific activities as required in the location
- Participate in selective Firm-wide and industry-wide forums and working groups to ensure linkage between the location and any external or internal requirements.
- Drive execution of effective IT/Regulatory compliancy strategy
- Promote and improve awareness of security threats, laws and regulations, policies and standards
- Provide IT regulatory interface and coordinate with compliance for the interpretation and implementation of IT Regulations
- Provide location input to global / regional IT Risk Forums
- Monitor technology compliance on IT laws and regulations
- Maintain and track India IT Risk posture and risk mitigation programs
- Manage links to other relevant firm-wide bodies (CEO, CAO, CIO, IT Governance, Audit, Operational Risk, Legal/Compliance, Resiliency Risk Management) industry trends in information risk and security standards and best practices.
- Provide local management and supervision for CTR staff, including LOB IRM leads
- Drive and strategize the Security Awareness agenda for the location
Expected Educational Qualifications and Work Experience:
- Experienced Information Technology professional with a proven Financial Services track record of more than 15 years; of which at least 8-10 years in Technology Risk Management / IT audit / technology operations / risk based projects.
- Experience working in multinational enterprise with matrix organization
Technical Skills:
- Solid knowledge of industry best practices and the India IT Risk Regulatory Landscape
- Demonstrated experience with India regulators, articulate in local regulations and laws pertaining to IT Risk, Business process improvement mindset with a drive for controls, automation and efficiency
Other Skills / Requirements:
- Ability to develop and lead initiatives in a cross line of business technology organization,
- build rapport and garner respect in a collaborative cross-cultural environment
- Enthusiastic, effective communicator, someone who thrives under pressure and is willing to take personal responsibility and accountability
- The ability to communicate effectively with very senior levels of management as well as technologist and business personnel is critical, including the usage of business relevant terms to describe technology risks
- Sound analytical skills, critical thinking ability, conflict management skills and experience building metric based solutions
- Collaborative style, the ability to interact with all levels of staff and ability to build appropriate relationships to effect strategy
- Excellent influencing for impact skills, highly motivated and results oriented
- Ability to travel when required
Didn’t find the job appropriate? Report this Job