Information Security & Digital Risk Management

This role is responsible for conducting end-to-end risk assessments related to Technology Risk, Information Risk, and Cyber Risk, supporting the Bank’s continuous improvement and ensuring risks are well managed and mitigated.

Senior Level (AVP – SAVP)

Requirements: Bachelor’s degree in Information Technology, Cybersecurity, or related fields Experience in IT application development, IT audit, security testing, and analytics Strong knowledge of DevSecOps, SDLC, penetration testing, and data analysis/reporting tools (Excel, Power BI, SQL) Programming experience in Python and/or Java Knowledge of virtual machines, cloud environments, and open-source technologies Experience using open-source security tools Experience in data/log correlation and reporting (SQL, Power BI, QlikView, R, Excel formulas) Background as Business Analyst or Application Developer is a plus Proven experience leading and managing a team Strong planning, execution, and task tracking skills Strong problem-solving mindset with practical and secure solutions Good communication and stakeholder management skills

Responsibilities: Conduct thematic and end-to-end application security assessments Identify potential vulnerabilities and technology risks in Bank systems Propose risk mitigation strategies and improvement plans Collaborate with Business and Technology teams across the Bank Track and monitor findings and remediation progress Develop themes and trends for ongoing risk assessments Prepare management reports and dashboards (risk metrics & trends) Investigate incidents and perform root cause analysis Develop and manage thematic assessment plans Supervise and validate control testing activities Identify emerging threats and external incidents and translate them into lessons learned

Junior Level (Senior Manager)

Requirements: Bachelor’s degree in Information Technology, Cybersecurity, or related fields Experience in IT application development, IT audit, security testing, and analytics Knowledge of DevSecOps, SDLC, penetration testing, and reporting tools (Excel, Power BI, SQL) Programming experience in Python and/or Java Knowledge of virtual machines, cloud environments, and open-source technologies Familiar with open-source security tools Experience compiling data/logs for reporting (SQL, Power BI, QlikView, R, Excel formulas) Experience as Business Analyst or Application Developer is a plus Good communication skills

Responsibilities: Conduct thematic and end-to-end application risk assessments Identify security vulnerabilities and technology risks Propose improvement points and risk mitigation actions Collaborate with Business and Technology teams Track and monitor findings and action plans Prepare management reports and visualized risk trends Investigate incidents and perform root cause analysis Conduct control testing and validation based on KRI, RCSA, and action plans