Apply now »

BUSINESS RISK MANAGER, INFORMATION TECHNOLOGY GROUP

Job Summary 

 

Lead and guide the business line management and personnel in its risk management responsibilities on a day to day basis, specifically identifying, managing and reporting operational risks inherent in the products, activities, processes and systems for which they are accountable. 

 

Specific Duties & Responsibilities

 

  • Direct the implementation of the IT risk management framework ; communicate its benefits and business value by promoting and spearheading the use of the various risk management tools
  • Conduct quality IT risk assessments and perform deep dive analysis to identify process and control gaps including root causes of risks
  • Ensure the business line specific policies, processes, and procedures are adequate and effectively implemented
  • Identify the IT Group’s risk management training needs and ensure appropriate education is provided
  • Assist the IT Group in developing risk responses, establishing risk mitigating actions and solutions and defining timetables and accountabilities
  • Ensure that the risk mitigation strategies and processes as approved by the board and senior management are executed
  • Determine the IT Group’s risk exposures, emerging risks and risks that would have an impact to other business units and communicate to Senior Management
  • Regularly review identified key IT risks, internal controls and operational risk mitigation strategies and processes within the business unit to effectively manage operational risks within approved risk tolerance, and consistent with enterprise – wide policies and procedures established
  • Provide regular IT risk updates by preparing risk management reports for reporting to various bank level and board level committees articulating significant risk exposures that need immediate attention
  • Intervene and escalate instances when risk management efforts are hampered such as individuals attempting to stifle risk management activities

 

Qualifications:

 

  • Graduate of a Bachelor’s Degree or MBA
  • Must have at least 10 years of progressive experience in IT Risk Management
  • Solid understanding of IT Business and Operations
  • Prior experience creating and leading implementation of the IT Risk Management Framework
  • Experience reviewing and identifying gaps in the IT Risk Management Process and Policies
  • Experience in leading implantation and achievement of KRAs and KPIs within the IT Risk Management unit
  • Strong knowledge of BSP Circular No. 1213 (2025)
  • Preferably with IT Risk Management experience in a local bank
  • Must be willing to report in either the Metrobank Center, BGC or Metropark Pasay office, Mondays to Fridays

Apply now »