TECHNOLOGY RISK ANALYST-    (PEOPLE'S BANK)

About Us

People’s Bank, a premier bank in Sri Lanka with the largest customer base providing innovative financial solutions to its diversified clientele for over six decades as a conducive environment for those who strive to achieve excellence and believe in professionalism, the bank is looking for talented & dynamic individuals to fill the following supportive position

About The Role

The Technology Risk Analyst assists the Technology Risk Manager in identifying, assessing, managing, and mitigating technology-related risks within the organization. This role involves with Technology Risk Manager to develop technology risk management strategies, policies, and procedures to protect the bank's information assets and ensure compliance with both internal and external regulations.

DUTIES AND RESPONSIBILITIES

Planning & Reporting

• Assist to develop, establish, and implement policies and frameworks for IT security and risk management.
• Monitor, Analyze, and report the information related safety, and security measures of the bank.
• Preparing reports related to Technology Risk to Board & Management committees as required by the Technology

Risk Manager and DGM-Risk Management.

Leadership and Management

• Perform/Monitor technology risk assessments, which comprise analyzing, identifying, describing, and quantifying
• technology risks that impact all business operations of the bank.
• Assist to review technology risk related disaster recovery procedures and preparing technology risk management
• plans to facilitate bank’s business continuity plan.
• Monitoring and analyzing technology risk related security alerts.
• Assist to implement and periodic review of Risk and Control Self-Assessment (RCSA) process for information
• technology and information security-related services, including third party service providers.
• Support to conduct Risk and Control Self-Assessment (RCSA) process quarterly for information technology and
• information security related service.
• n Assist to design and establish comprehensive technology Risk Management Process in line with CBSL direction No. 16
• of 2021 and its addendums.
• Ensure compliance with CBSL direction No. 16 of 2021 and its addendums.
• Periodically check the achievement of action plans relevant to technology risk management.
• Assist Technology Risk Manager by aligning technology risk initiatives with business objectives.
• Assess and report reputational risk related incidents derived from technology risk and take/recommend mitigation actions to manage reputational/financial losses.

Market Scoping, Business Development & Brand Positioning

• Analyze technology risks at the time of introducing new technology driven products or services to the bank and
• report vulnerabilities and mitigating measures.
• Review key IT projects regarding their technology risks.

Relationship, Stakeholder, and Key Account Management

• Maintenance of relationship with ISO Unit, IT Department, and Internal Audit Department.
• Develop and maintain good communication channels with other risk partners, such as Enterprise Risk Management, Operational Risk Management etc.

• Create and maintain an external network with other senior IT Risk Managers and relevant risk forums.

Role Specific Competencies

• Knowledge on Technology Risk Management Including cyber security.
• Technical Knowledge on IT systems and digital products used by the bank.
• Communication skills including technology risk related presentations.
• Comply with regulatory qualifications decided by CBSL time to time
• Ability to increase awareness, provide education, and training to employees inside the organization
• n Proper understanding of new technology developments and possible technology threats.
• n Ability to analyze Information security measurements of the Bank and re-engineering

QUALIFICATIONS

Should possess one of the following qualifications

• (ISC) 2 Systems Security Certified Practitioner (SSCP)
• ISACA CSX Practitioner Certificate (CSXP)
• GIAC Security Essentials (GSEC)
• Bachelor's degree in Information Security or Bachelor’s degree in computer science/Information Technology specializing in information Security

METHOD OF SELECTION

Shortlisted applicants based on the stipulated qualifications will be called for an interview. The appointment will be made on contract basis and performance will be evaluated annually.

REMUNERATION

An attractive and negotiable remuneration package commensurate with qualifications and experience will be offered to the selected candidate.

APPLICATIONS

Please send details of achievements and experience relevant to the job applied for together with your curriculum vitae along with copies of certificates and contact numbers of two non-related referees. The post applied for should be stated in the subject line of the Email and should reach the Email Address : recruitment@peoplesbank.lk on or before 11.11.2024.

An Email confirmation of receipt will be sent upon the receipt of the curriculum vitae. In the event a confirmation has not been received within a reasonable period of time, you may inquire regarding the application on telephone numbers

0112481542/0112481416.

All applications will be treated in strict confidentiality and any form of canvassing will be regarded as a disqualification. All incomplete and Non - complying applications will be rejected.

The Bank reserves the right to decide the number of vacancies, postponement or cancellation of recruitment or on any other information not included in the advertisement.

Deputy General Manager (Human Resources)

People’s Bank - Head Office

NO. 75, Sir Chittampalam A Gardiner Mawatha,

Colombo – 02.