IDB2842 - TECHNICAL RISK ASSURANCE AND SECURITY SPECIALIST Business Unit: Administration Complex Division: Not Applicable Department: Information Management & Dist.Technology Contract type: Regular Staff Country: Saudi Arabia Location: Saudi Arabia - Jeddah Closing date: 22-Aug-2022

JOB PURPOSE: The Technology Risk, Assurance, Resilience and Security is responsible to plan, monitor, manage and report technology risk and assurance management, quality, resilience and security practices in IMDT. Additionally, he is responsible for coordinating appropriate mitigation to address technology risks, quality issues and overseeing IsDB’s resilience capabilities and security governance are appropriate and managed.

KEY RESPONSIBILITIES:

• Establishes and maintains the technology risk and assurance plans, framework, standards and supporting guidelines and processes to enable IsDB manage technology and information risks in adherence with the business strategy, maintaining adherence to IsDB Internal Audit and Risk Management Department frameworks and methodologies.
  • Leads the performance of technology risk assessments to identify, assess, mitigate and manage technology-related risks; identifying risk themes to initiate appropriate projects.
    • Oversees IMDT assurance plans and communicate them to concerned IMDT divisions.
      • Ensures adherence with risk frameworks and methodologies defined by the Risk Management Department, with specific technology risk standards and procedures defined and maintained. Coordinates identifying critical control points and preventive measures.
        • Leads, defines and maintains the IMDT control test framework across the scope of relevant IMDT processes, policies and standards; adopting a risk-based approach for the frequency and testing of controls.
          • Manages IMDT control design and effectiveness testing across the key control objectives, identifies the outcomes and documents the impact of control weaknesses with remediation requirements.
            • Leads and assesses the impact of IT-related legal and regulatory requirements on third-party contracts related to IT operations and service providers.
              • Evaluates IMDT standards and processes to ensure adherence to applicable legal, regulatory and contractual requirements.
                • Leads IMDT-wide quality assurance activities to ensure expectations are consistently achieved across IMDT responsibilities, and any issues are identified and resolved in a timely manner.
                  • Coordinates with the IT Strategy and Governance Manager during execution of any assurance initiative to identify compliance gaps and assists in defining corrective actions.
                    • Manages and carry out quality assurance and regulatory compliance audits. Monitors progression against action plans.
                      • Manages coordination of internal and external audit activities by liaising across IMDT to provide the appropriate access to the data and systems and where necessary, investigates the root cause of non-compliance.
                        • Manages and identifies recurring patterns of non-compliance, providing recommendations for technical / procedural solutions, enhancements, policy/standards improvements and other remediation requirements.
                        • Act as the reliable IT hygiene team member in early engagement in reviewing, validating, challenging the proposed MAPs for audit reports to ensure practicality of the proposed resolution actions to support clearing the audit observations, effective detailed implementation of MAPs, confirmation of implementation status, collecting evidence, prepare and updating performance dashboards on periodic basis of the audit observations.
                        • Reports audit and assurance plans execution progress or any obstacles periodically to Director IMDT and Divisions Managers.
                        • Identify areas where actions are required to enhance quality assurance standards and ensures issues and findings are immediately reported to relevant IMDT Divisions Managers.
                        • Oversees the implementation of processes, policies, procedures and controls covering all areas of IMDT department activities to ensure that all relevant procedural requirements are fulfilled while delivering an IT quality service.
                        • Manages and defines IsDB’s technology resilience capabilities across disaster recovery, backup and restoration, and IT crisis management; with appropriate standards, guidelines, and procedures for applications and infrastructure to ensure that systems can be reinstated in a timely and integral manner in the event of a disaster scenario.
                        • Coordinates with business continuity to identify disaster recovery requirements, risks, mitigation plans, and alignment; perform resilience test activities including drills, simulations, and table-top exercises and ensures findings are addressed on a timely basis.
                        • Manages and defines the information security policies, processes and procedures with collaboration with Risk Management Department and ensure the adherence to the policies across IT services.
                        • Manages and oversees the technology assurance, information security and resilience awareness initiatives within IMDT and IsDB.

                          JOB REQUIREMENTS:

                          Academic Qualifications:

                        • Bachelor's degree in Management Information Systems, Cybersecurity, Computer Science or Business Management.

                          Experience:

                        • 8+ years of experience in cybersecurity, technology risk, assurance, quality management and IT controls assurance.

                          Skills and Necessary Knowledge:

                        • Technology risks, controls, quality and assurance

                        • ▪ Technology resilience
                          ▪ Cybersecurity
                          ▪ Strong knowledge of IT functions and services
                          ▪ IT Hygiene

                          📚 𝗗𝗶𝘀𝗰𝗼𝘃𝗲𝗿 𝗛𝗼𝘄 𝘁𝗼 𝗚𝗲𝘁 𝗮 𝗝𝗼𝗯 𝗶𝗻 𝘁𝗵𝗲 𝗨𝗡 𝗶𝗻 𝟮𝟬𝟮𝟯! 🌍🤝 𝗥𝗲𝗮𝗱 𝗼𝘂𝗿 𝗡𝗘𝗪 𝗥𝗲𝗰𝗿𝘂𝗶𝘁𝗺𝗲𝗻𝘁 𝗚𝘂𝗶𝗱𝗲 𝘁𝗼 𝘁𝗵𝗲 𝗨𝗡 𝟮𝟬𝟮𝟯 𝘄𝗶𝘁𝗵 𝘁𝗲𝘀𝘁 𝘀𝗮𝗺𝗽𝗹𝗲𝘀 𝗳𝗼𝗿 𝗨𝗡𝗛𝗖𝗥, 𝗪𝗙𝗣, 𝗨𝗡𝗜𝗖𝗘𝗙, 𝗨𝗡𝗗𝗦𝗦, 𝗨𝗡𝗙𝗣𝗔, 𝗜𝗢𝗠 𝗮𝗻𝗱 𝗼𝘁𝗵𝗲𝗿𝘀! 🌐

                          ⚠️ 𝐂𝐡𝐚𝐧𝐠𝐞 𝐘𝐨𝐮𝐫 𝐋𝐢𝐟𝐞 𝐍𝐨𝐰: 𝐏𝐨𝐰𝐞𝐫𝐟𝐮𝐥 𝐓𝐞𝐜𝐡𝐧𝐢𝐪𝐮𝐞𝐬 𝐡𝐨𝐰 𝐭𝐨 𝐠𝐞𝐭 𝐚 𝐣𝐨𝐛 𝐢𝐧 𝐭𝐡𝐞 𝐔𝐧𝐢𝐭𝐞𝐝 𝐍𝐚𝐭𝐢𝐨𝐧𝐬 𝐍𝐎𝐖!

                      • Analytical Conceptual thinking and problem solving
                        ▪ ITIL
                        ▪ Taking initiatives

                        COMPETENCIES:

                        Core/ Behavioural

                      • Client Focus
                    • Drive for Results
                  • Collaborates
                • Self-Development
              • Communicates Effectively

                Leadership

              • NA

                Technical

              • NA