Overview
The Digital Program Specialist - IT Risk and Program Management will manage the Bank’s IT supply-chain risks, including IT outsourcing, third-party security, cloud services, and embargo and sanction risks. The role will also support IT security and AI risk program management.
Tasks Summary
- Conduct IT security and risk due diligence on vendors and third parties.
- Collaborate to ensure vendors’ security risks and embargo and sanction risks are assessed.
- Lead the Third-Party Security Assessments (TPSA) program.
- Coordinate IT Outsourcing management activities.
- Support the Responsible AI Governance framework.
- Conduct ongoing risk assessments of AI use cases and systems.
- Coordinate with IT and business teams for IT security and risk initiatives.
- Support internal and external IT audits, ICFR control testing, and risk control assessment.
- Track, analyze, and report on the effectiveness of IT security and risk programs.
Experience Requirements
- 5-8 years of relevant working experience in IT risk and program management and related fields, preferably with financial institutions.
- Hands-on experience conducting due diligence and third-party security risk assessments.
- Strong knowledge of IT outsourcing risk, cloud risk, AI risk, and embargo and sanction risk.
- Familiarity with cloud security principles and cloud-native security solutions on Azure and AWS.
Qualification Requirements
- Bachelor’s degree in computer science, information security, data science, risk management, or a related discipline.
- A Master’s degree would be a plus.
- Certifications such as CISSP, CISM, CRISC, PMP, and ISO 27001 Auditor would be an advantage.