Head - IT Governance/Risk & Compliance

Job title: Head - IT GRC

Location: Mumbai

BU/Function: IT GRC

Reports to: CTO

Role Details

This role is for Senior Professional IT Governance-Risk-Compliance who would be responsible for IT Controls implementation, review and reporting. Should have good understanding of IT Governance, Risk and Compliance requirement in Banking domain. Should facilitate formulation and improvements to IT policy, processes, procedures, technology compliance and assurance initiatives to support the IT Governance function. Maintain activities that are audit-based, regulatory in nature to ensure the design and operational effectiveness of IT controls and gaps. Ensuring IT Governance and compliance related activities are completed in accordance with industry standards and regulatory requirements. Perform risk assessments, facilitate risk mitigation strategies and be the second line of defence for the Technology Risk function.

Overall Job Description

- Serve as a subject matter expert for IT Governance frameworks. Keep abreast of regulations and assist in monitoring and tracking actions to ensure continuous compliance.

- Provide analytical support to the management team regarding governance, assurance, metrics, and reporting.

- Work closely with different IT Groups to continuously identify, mitigate, and manage compliance risks. Ensure readiness to satisfy internal & external audit requirements. Perform Risk Control Self Assessment , assign risk severity score/rating and track / report the mitigation plans to remediate the risks identified

- Convey information and ideas through a variety of channels , forums to individuals or groups in a manner that engages the audience and helps them understand and retain the message.

- Review processes & existing policies/procedures and assist IT process owners in the creation and maintenance of these policies/procedures.

- Support information assurance, highlight key control deficiencies and ensure regulator mandated compliance.

- Maintain IT controls-related documentation for processes in support of regulatory and statutory requirements.

- Promote and support a culture of continuous compliance, risk avoidance/mitigation, and skillfully communicate (verbal and written) IT governance objectives.

- Support the evaluation of automation tools to promote operational efficiency & assist in the procurement of tools and internal/external resources to ensure proper execution of a continuous governance program.

- Advises process owners on design and implementation of IT controls (manual and automated) into processes and systems using knowledge of IT risks and organization objectives.

- Coordinate with Auditors and facilitate Audit findings closure by follow-up with respective teams.

- Facilitate IT functional maturity roadmap and facilitate improvements basis best practices models.

Education and Work Experience Requirements:

EDUCATION :

Technical Graduate / Post graduate, MBA will be a plus

WORK EXPERIENCE

15 +plus years of relevant experience

Any specific requirements

Conversant with RBI reporting, audits, inspections

Desirable - Certifications in CoBIT, ISO 20000, ISO 9000, ISO 27000, ITIL V3.

Desired Behavioral / Functional Traits

Functional :

- IT GRC background with expert level knowledge in of IT GRC industry practices, IT processes, and compliance frameworks and standards (e.g., COBIT, ITIL, ISO 27001 etc.)

- Knowledge of regulatory requirements applicable to IT.

- Ability to interpret regulations and laws and have an understanding of industry audit and control standards and practices.

- Ability to work in partnership with IT Groups and business units to assure IT practices meet defined policies, standards, and key business objectives for continuous IT compliance.

- Excellent presentation skills, analytical judgment, decision-making skills, functional and technical skills, being detailed, and task oriented.

- Knowledge in analyzing and resolving complex problems and providing resolutions and recommendations to control deficiencies based on practice and precedent.

Behavioural :

- Good communicator

- Pro-active

- Team player

- Quick learner

- Highly motivated

- Able to work under pressure

- Well organized

- Target oriented

Key Stakeholders (Internal / External)

- IT Group Heads & their teams

- Risk, Audit and Compliance Teams of the Bank

- CTO, CISO

- Head IT