Technology Risk

Purpose of Job The candidate will be responsible for conducting risk and controls assessments across various technology domains and ensuring the implementation of technology controls. They will collaborate with IT Partners to lead technology-related projects from a risk perspective, including ISO22301, and will engage with stakeholders to design controls and assess control maturity and gaps. Additionally, the candidate will partner with risk, compliance, and audit teams to address technology control-related issues, ensuring proper resolution, escalation, and reporting procedures are followed. Their focus will be on enhancing control awareness and effectively managing risks within the global information technology organization

Roles & Responsibilities: Proven experience in technology risk management, preferably in a financial services or regulated industry. Develop and implement technology risk management strategies and policies. Conduct regular risk assessments of Informational Technology (IT) Infrastructure & Service Management (including access management, capacity management, change & patch management, data migration controls, cloud computing services, cryptographic controls, physical & environmental controls, Network, database, metrics, VAPT, identity management, and others), identifying potential vulnerabilities and threats. Collaborate with IT teams to ensure that security controls and measures are effectively implemented. Monitor and analyze security incidents and breaches, and provide recommendations for improvement. Stay up-to-date on emerging technology risks and regulatory requirements. Prepare and present reports on technology risk management activities to senior management and stakeholders Develop and implement plans for responding to Technology breaches, ensuring that incidents are properly investigated, reported, and addressed Developing security requirements and guidelines, and overseeing the implementation of security controls Stay current on emerging threats, trends, best practices, industry standards, regulations, etc Perform Thematic Reviews on Bank’s Products, Applications and Technology/Platform services in accordance with Risk calendar plan and report the findings along with management action plan and recommendations to the ORMC/RMCB Monitor operational Key risk indicators (KRI’s) and escalate any potential breaches or concerns related to Technology, BCMS, Third Party Risk and Cyber Security domains Understanding of Outsourcing & Third party Vendor risk related regulatory requirements and risks associated with outsourcing of services by Payments Bank to Third Party vendor and possessing experience in conducting Third party Vendor risk assessments including cyber security framework and related risk Understanding of ISO 22301 BCP requirements and support the BIA assessment and development of BCMS and crisis management plan Understanding of RBI and CSITE etc. and related regulatory requirements applicable on Technology, Cyber security & Third party vendors

Education Bachelor's degree in Computer Science, Information Technology, Risk Management, or a related field. Master's degree or professional certifications (e.g., CISA, CRISC, CISSP) are a plus. Strong understanding of IT systems, cybersecurity principles, and risk assessment methodologies. Familiarity with regulatory requirements such as GDPR, PCI DSS, ISO 27001, and other relevant standards. Key Skills Technology Risk, information technology risk consultant,