The Information Technology Risk Management (ITRM) Officer is responsible for co-developing and maintaining an effective and efficient Information Technology Risk Management System of the Bank measured up with regulatory requirements, internal needs, and best practices.

People Management

• Provide training, solicited opinions and advice to the assigned business unit on ITRM issues, new risk management policies, processes/practices and relevant regulatory requirements.
• Hold interactive meetings for and with the business/line to jointly evaluate and resolve risk management issues if any.

Risk Management

• Develop and update the ITRM Framework and guidelines for the Bank.
• Recommend improvement on IT Risk Management System and its enterprise-wide implementation.
• Recommend IT Risk Management related policies; policies must include among others, regulatory and best practice-prescribed standards and measures related to IT risk.
• Review and update the IT Risk Management policies/guidelines/implementing procedures.
• Develop and implement the bank's IT risk assessment methodology, tools and risk reporting system aligned with the enterprise wide risk assessment process and ensure that these are continually updated to obtain reliable reading and assessment of the assigned business units.
• Oversee and coordinate the operational risk taking and management activities of ITG and other assigned business units of the Bank.
• Draft reports on relevant information and technology risk information and exposures to be elevated/presented to the board and senior management.
• Take lead on the review and assessment of policies and procedures related to automation, technology projects, e-products, and other ITRM related processes of business units.
• Implement the annual ITRM Plans and track progress/compliance thereto.
• Coordinate with compliance function, internal audit, and external audit on IT risk matters.
• Report to the appropriate level of management on events/opportunities that impacts the Bank's IT risk framework or risk process or business/line risk profile or its risk return.

• Bachelor's degree in any field, preferably business-related course
• Relevant certifications (e.g. CRA, CRM, CISA, CISM, etc.) are a plus
• At least 5 years experience in IT risk management, IT Audit and/or IT operations

Salary Range Disclaimer: The salary range provided for this position is intended to serve as a general guideline and is subject to change based on factors such as qualifications, experience, and outcome of the overall hiring process. The final offer may vary and is not guaranteed to fall within the listed range.