IS Risk Manager Abu Dhabi Islamic Bank

Abu Dhabi Islamic Bank is currently looking for skillful and well educated candidate for the job role of IS Risk Manager. The job holder is responsible for performing information security assessments while participating in the review of the risk management framework to cater for the ADIB Group’s needs and requirements. The role develops information security risk mitigation strategies to ensure that risks are reduced to an acceptable level, comply with relevant information security laws and regulations, increase operational efficiency, and achieve ADIB’s information security objectives.

Responsibilities of IS Risk Manager

• Manage team of IS risk management professionals.
• Review and analyze business services, processes, and technologies to conduct business impact analysis.
• Work closely with management to classify information assets across the organization and identify the related security requirements based on asset criticality and business requirements.
• Work with IT Architecture team(s) to understand and manage security components of infrastructure and applications.
• Coordinate security compliance and internal/external audit activities.
• Provide Metrics and Report about information security risks.
• Participate in projects associated with the IT Security & Risks, Compliance domain.
• Actively participate in the development and implementation of enterprise policies, standards and processes.
• Identify and lead the appropriate subject matter experts to participate in the identification and analysis of risk scenarios.
• Identify and prioritize risk scenarios.
• Deliver ad hoc and planned risk assessments in accordance with internal information security policies and requirements or external information security regulations and standards.
• Assist in developing risk mitigation plans and collaborate with relevant business units to ensure an effective implementation of mitigation controls.
• Participate in the implementation of systems and tools to automate the end to end information security risk management cycle.
• Work with the Risk Management team for the continuous improvements in policies, procedures, standards, and guidelines in line with risk assessment findings and recommendations.
• Prepare management reports highlighting the Group’s risk status and posture.
• Participate in and review information security related projects such as security integration into coding and testing to assess the associated information security risks.
• Develop, update, measure, and report on risk management KPIs.
• Participate in communicating risk status to relevant internal / external stakeholders as well as risk remediation plans to relevant stakeholders and follow up on their implementation.
• Identify and create Plan of Action & Mitigation for any identified control gaps associated with policies and standards.

Requirements of IS Risk Manager

The requirements of IS Risk Manager are as under:

• B.S. in IT or computer science/engineering related discipline or similar degree preferable.
• 5 – 7 years IS risk management experience combined with at least 2 – 3 years IT experience preferably in IS Security/Information Risk Management. (In banking and financial services sector).
• Experience in the information security risk management life cycle and frameworks.
• Experience with GRC tools and platforms (preferably in RSA Archer).

Skills and Knowledge Desired

• Strong knowledge of banking processes and modus operandi, information security technologies, processes, and systems.
• Excellent business acumen.
• CISSP, Certified in Risk and Information Systems Control (CRISC) designation.
• Technical knowledge to understand detailed issues around business continuity, security, and overall risk in IT. Able to have enough expertise to drive a solution and solve issues, addressing risk.
• Strong communications skills are required to work across the organization, and several corporate functions.
• Ability to frame risk issues in a risk business case / term, to help priorities projects and value.
• Familiar with GRC tool and other risk management tools and platforms.
• Knowledge of ISO 27001, NESA, SWIFT CSP, PCI DSS and other information security standards and regulations.
• Advanced knowledge and Work experience in IS and Cybersecurity Risk Management or related fields such as Audit, IT Security, or Business Continuity, however other IT disciplines are eligible.

Strategic Risks Manager Abu Dhabi Commercial Bank

Head Information Security & Assurance Abu Dhabi Islamic Bank

Call Center Agent Abu Dhabi Islamic Bank