Technology Risk Manager

Key Responsibilities:

Risk Assessment and Analysis:

• Conduct thorough assessments of technology-related risks, including cybersecurity, data privacy, and compliance issues.
• Analyze the potential impact of identified risks on business operations and reputation.

Risk Mitigation Strategies:

• Develop and implement effective risk mitigation strategies to minimize the impact of potential threats.
• Collaborate with IT and security teams to implement technical controls and measures.

Policy and Compliance:

• Stay abreast of relevant industry regulations and standards.
• Develop and maintain technology risk management policies and procedures to ensure compliance.

Incident Response:

• Develop and lead incident response plans to address and contain technology-related incidents.
• Work closely with the IT Security team to investigate and resolve security incidents.

Communication and Training:

• Communicate risk assessment findings and mitigation strategies to key stakeholders.
• Provide training and awareness programs to educate employees on technology risk management best practices.

Vendor Risk Management:

• Evaluate and manage risks associated with third-party vendors and service providers.
• Collaborate with procurement and legal teams to assess and monitor vendor security controls.

Continuous Improvement:

• Regularly review and update risk management processes to adapt to evolving threats and technology trends.
• Identify opportunities for improvement and implement best practices in technology risk management.

Qualifications:

• Bachelor's degree in Information Technology, Cybersecurity, Risk Management, or related field.
• years of experience in technology risk management or a related field.
• Strong understanding of cybersecurity principles, frameworks, and best practices.
• Familiarity with relevant regulations and standards (e.g., GDPR, ISO 27001, NIST).
• Excellent communication and interpersonal skills.
• Relevant certifications (e.g., CISM, CRISC, CISSP) are a plus.