This job posting isn't available in all website languages
ADN000188 Requisition #

Now it’s your time to join the #1 bank in the Middle East and one of the most prestigious financial companies in the region. Shaking up the world of banking requires a lot of smarts and skill. We’re looking for the brightest and best to help us reach our goals and we’ll also help you reach yours. Your success is our success as you grow stronger in your career. Join us and leave a legacy of your own, as a pioneer in both the company and the industry.

Job Purpose:

To plan, lead and manage the establishment of a framework for the identification of risks, internal controls, and monitoring of the Group Technology performance metrics, to ensure compliance with the regulatory requirements whilst continuously striving to improve the Group Technology efficiency.  A key aspect of this role will be to augment existing governenace, polices and processes appropriate to Cloud, DevOps and digital adoption strategies.

Key Responsibilities:

Strategic alignment

  • Foster proper communication and coordination among ITD units and teams, to ensure that the ITD endeavours reflect a cohesive understanding of the Bank’s strategic, business, and technological objectives.
  • Guide IT teams in formulating technology strategies and roadmaps framed within the business strategy.
  • Identify opportunities and formulates technology strategies and roadmaps in line with the agreed strategy. Actively support and participate in development of IT strategic, tactical and operational plans.
  • Monitor, evaluate, handle and report on the effectiveness of IT strategies, transformation plans and their alignment with bank’s objectives.
  • Establish and maintain IT Committees to effectively governance and manage IT
  • Derive the appropriate Governance initiatives from business and IT objectives

Cloud & Digital Technology Management

  • Actively participate in defining strategies for using cloud services as part of the bank’s strategic plan and technology architecture.
  • Determine appropriate level of governance for cloud computing environments and ensure sufficient control processes are defined for onboarding and management of cloud solutions.
  • Ensure development and implementation of Cloud Security Standards covering various aspects such as security configuration, provisioning, logging, and monitoring, identity and access management and network controls, security controls etc.
  • Assess the risk implications of digital innovation and its impact on technology risk profile of the bank. Provide recommendations to optimize the risks and ensure technology policy and process alignment.
  • Establish and maintain risk assessment capabilities to review and assess digital business models end to end.
  • Work with business and technology teams to better understand digital business risk and facilitate a balance between the need to protect the organization and the need to optimize customer experience.

DevOps/DevSecOps/Agile Practices

  • Establish and maintain policies, frameworks, methods and standards for the DevOps and agile practices.
  • Work with technology teams to automate control requirements across delivery pipeline. Collaborate with service teams to ensure CI/CD pipeline delivers faster time-to-market for the product and positive customer experience.
  • Ensure integration and standardization of related development methodologies across Technology service lines.
  • Facilitate the “shift to the left” approach of moving a task to an earlier stage in the development cycle to ensure the risk and security standards are met from the beginning
  • Advocate adaptation of continuous feedback loop mechanisms and ensure team members are regularly prompted to improve the development and maintenance of the solutions.
  • Coach agile teams in the methodology and ensure training is provided to employees on the agile practices.
  • Evaluate possible bottlenecks of running the application in production and suggest service improvement plans.
  • Ensure compliance and security best practices are incorporated throughout the development process.

Policies, Processes & Frameworks

  • Evangelise the agreed Governance & Risk practices across the division, with emphasis on business value creation for the Group
  • Oversee definition and maintenance of IT functions, controls, policies and processes
  • Analyse and identify internal environmental factors, business needs, external regulations, emerging technologies, laws, contractual obligations, standards and industry best practices and ensure that these are considered within IT Policies and Processes.
  • Responsible for the development and implementation of IT Governance & Risk Policies and Processes definition and implementation across the Group, with associated assurance testing frameworks. Responsible for the review and evolution of the same, aligned to the Group’s risk appetite.
  • Manage within the IT Governance model and process to optimize the value and benefits realization of IT investments, ensure alignment and prioritization of projects to the strategy.

Internal & External Compliance

  • Maintain external focus and demonstrate technical expertise and awareness of key industry standards and trends across IT Security and Risk management practices and accredited standards.
  • Deliver compliance to recognised industry standards and required regulations proactively.
  • Be proactive in informing and preparing the team for upcoming legal, regulatory and Industry requirements.
  • Periodically assess and improve IT controls, functions, policies and processes are to ensure that they are operating effectively and efficiently.
  • Act as a point of contact for internal/external auditors and regulators for all IT Strategy, Governance related items
  • Ensure management of international IT regulatory register in coordination with Group Compliance
  • Institutionalize operational controls such as project and change management gate reviews to optimize overall control effectiveness

Continual Improvement

  • Ensure continual adoption of industry best practices for overall governance & management of IT
  • Quantify the value add of the team from improvements in the control environment and reduction in risk to the IT and the business.
  • Direct the team to implement proper communication channel to maintain IT Policy and process awareness among IT staff
  • Oversee development of key metrics and KPIs to ensure effective and efficient measures are in place
  • Promote an IT risk-aware culture and empower the teams to proactively identify IT risk, opportunity and potential business impacts.
  • Ensure IT performance measurement systems are in place and accurate reports are shared with relevant stakeholders.
  • Identify and lead risk automation practices and tools to streamline efficient operation of the team and seamless interactions with its stakeholders.  Drive the Governance team to transparency of status backed by integrity and single source of truth data.

Resource Management

  • Establish beliefs, values, attitudes, and unwritten guidelines to reinforce the IT best practices and organizational culture
  • Work with IT management to establish appropriate right sourcing strategies for all IT resources
  • Work with various internal and external stakeholders to develop training & development plans for IT staff
  • Responsible for hiring, development, and leadership of staff, continuous improvement of department processes and tools.
  • Lead and motivate people up and down the line to act in accordance with philosophy, policies, procedures, and standards in carrying out the plans.
  • Responsible for engaging, empowering, developing, and rewarding a talented and highly dedicated team of IT Governance and Risk professionals.
  • Operate an efficient workload planning process for the team, and identify the appropriate resourcing solutions to deliver each objective.

Minimum Qualification:

  • Bachelor’s degree in Information Technology or related discipline
  • Master’s degree in Business Administration is preferred

Minimum Experience:

  • 13 or more years of working experience in IT Security, Risk and Governance practices in a cloud, devops, agile and/or digital context.
  • 5+ years of experience working in leadership role IT Security, Risk and Governance
  • Evidence of influencing senior stakeholders and dealing with external auditors and regulators
  • Good understanding of process models in ISO and industry standards relating to IT Security, Risk and Governance.
  • Good understanding of security and risk management in financial institutions.
  • Good understanding of innovations / trends in IT and fintech in particular
  • Knowledge and expertise in virtualization and cloud computing environments (different cloud models and types).
  • Hands on experience in using various Cloud Security best practices such as Cloud Security Alliance (CSA) guidelines and National Institute of Standards and Technology (NIST) guidelines.
  • Demonstrated experience in conducting technical risk assessments for various Cloud platforms.
  • Candidate should have experience with AWS and Microsoft Azure cloud offerings
  • Require business acumen and sufficient technical knowledge to assess risk in an integrated digital enterprise, and make recommendations for addressing that risk.
  • Experience working with Containers, APIs and Microservice architectures
  • Experience as a Scrum master or with the agile methodology
  • Knowledge of business processes, regulatory issues and risk assessments covering privacy, security, business continuity and financial aspects.
  • Ability to translate very technical issues into business-related decision points
  • Achievement of industry recognized certifications such as CISSP, CRISC, CCSP, CCSK, CISA etc.
  • Achievement of AWS and Azure cloud certifications is preferable.
  • Strong analytical capabilities and knowledge of related tools and processes.  Proven ability to handle volume detail and summarise effectively
  • Excellent knowledge all aspects of technology: infrastructure; operations, security, development, change/transformation, support, innovation, vendor management etc., and banking related processes especially risk management. Should have demonstrable experience of working in the majority of these domains.
  • Good understanding of banking related environments – especially around high availability, data confidentiality, security etc.
  • Good understanding of project management to drive the team to deliver to objectives and to oversight the division’s change governance
  • Good knowledge in different IT process models (ITIL / ISO / COBIT etc.).
  • Budget and cost management
  • Quality – Availability of record of activities carried out by the unit, in compliance with quality assurance requirements
  • Vendor management – Efficient use of outsourced vendor teams. Performance of vendors as per committed SLAs

Previous Job Searches

Activity Feed

Job shares through First Abu Dhabi Bank
Someone applied to the VP, IT Risk position. 18 minutes ago
Someone applied to the VP, IT Risk position. About an hour ago
Someone applied to the VP, IT Risk position. 2 hours ago

Similar Listings

Abu Dhabi, United Arab Emirates

📁 Operations

Requisition #: ADN000189