Senior Manger - IT Governance

Senior Manger – IT Governance

Degree holder of Computer Science, Information Technology, Software Engineering, Business Administration, or relevant educational and professional experience.
Relevant professional designations (e.g. CISSP, CGEIT, CRISC, CISM, CISA).
8+ years of IT/Information Risk management experience: vendor risk management, project risk management, IT audit or IT controls assessment.
8+ years of experience in a combination of relevant technical disciplines in the field of Information Security: network security, application security, identity and access management, IT operations security, vulnerability management, information protection, physical security, cybersecurity.
Deep knowledge of cloud computing security and IaaS, PaaS or SaaS environments.
Knowledge of risk, security and AI frameworks (e.g. ISO 27001, COBIT, NIST), regulatory requirements and standards related to cybersecurity, privacy, and data protection laws relevant to the organization (e.g., GDPR, CCPA, AIDA, FEAT, Sarbanes-Oxley).
Solid understanding of information security controls and risks, risk management, IT governance, and security tools and technologies.
Good communication, presentation, and facilitation skills to all levels and audiences.
Problem solving, analytical, and innovative approach.
Strong time management and organizational skills to manage multiple tasks and changing priorities.

Supports development, implementation, and maintenance of Global Data Technology risk management and cybersecurity governance frameworks, policies, and procedures aligned with industry standards and regulatory requirements.
Supports security and business leaders in defining KRIs/KPIs and metrics aligned with business initiatives and monitoring those to measure effectiveness of risk management and cybersecurity programs and initiatives.
Coordinates risk analysis activities, IT general control performance assessment and evaluates governance processes supports development of complete information risk governance reporting capabilities.
Monitors the implementation of IT general controls for technology and business project plans.
Performs high quality analysis of risk data to identify causes of trends and works with information owners to document control plans.
Maintains comprehensive documentation of governance-related processes and activities and supports updates of risk management and cybersecurity policies, standards, and guidelines.
Collaborates with IT control execution teams to develop and maintain incident response plans, ensuring swift and effective responses to security incidents.
Recommends improvements to enhance the overall risk, compliance and security processes, including the emerging AI technology.
Stays updated on evolving cybersecurity threats, risk assessment methodologies, and reports leading practices, contributing to the enhancement of risk reporting processes.

Influence behavior to reduce risks and foster a strong information security risk management culture.
Familiarity with information technology, operational risk, cybersecurity and regulatory compliance governance frameworks and their implementation.
Knowledge of security technologies.
Proficiency in using data visualization tools (e.g., Power BI, Grafana, etc.).
Knowledge of statistical data analysis and reporting toolsets.
Knowledge and understanding of the financial industry is preferred.