This role, as a second line-of-defence,is required to work with first line-of-defence functions to identify, assess, monitor and report key IT risks. This role is also required to work closely with divisions/functions to understand and document controls and identify potential areas of improvement.Experience in IT and CybersecurityRisk management is necessary, with good communication and written skills.

• Support in the implementation and operation of the IT risk management framework, policies, processes, and procedures
• Assist in the identification, prioritisation, assessment, monitoring and reporting of key IT risks
• Conduct risk and controls self-assessment (RCSA), operational loss event reporting, assess risk control adequacy and effectiveness
• Monitor and report risk tolerances and key risk indicators
• Support incident risk management and escalation, IT risk-related projects and/or initiatives