Analyst - Control Environment Centre of Excellence (CECoE)
Description
- Support the local Information Risk Manager;
- Support the information risk processes implemented and managed by GRCB IM;
- participate in GRCB information risk management activity to safeguard the Bank's information; and
- contribute to the effective and timely management of information risks within GRCB, in accordance with the Bank's operating model and risk appetite.
- GRB IM principal risk reporting and conformance testing.
- Policy and standards maintenance and compliance measurement.
- GRB IM policy and standards dispensation management.
- Information risk event and incident management.
- Provision of general guidance and support to the business on information risk matters.
- Provision of general guidance and support to the business on general queries relating to policies, standards and processes.
- Project support for initiatives that feature information risk management.
Qualifications
Personal Specification
Essential
Excellent communication skills.
Ability to manage and prioritise a varied workload.
A thorough understanding of at least three of the following areas; -
risk management;
logical access management;
records management;
information/data quality;
information/data classification;
information/data privacy;
operational risk;
compliance; and
internal/external audit.
Understanding of risk and control concepts.
Understanding of information security and data protection subject matter.
Preferred
Experience of policy implementation and compliance monitoring.
Awareness of disciplines and industry standards such as ISO27001, ISO17799, COBIT.
CISM, CISA, CISSP accreditations or equivalents.
2 to 5 years experience of working in a large bank or financial organisation.
Post a Comment