IT Risk Officer

Job Description

State Mortgage & Investment Bank Career Opportunities at SMIB

MIB

SMIB, as the premier housing bank to the Nation, is in the process of transforming the Bank’s operation to offer a higher level of customer satisfaction and a wider variety of digital services. As such, we invite applications from candidates who have demonstrated dynamic leadership roles and. make full commitment for a technological transformation with relevant qualifications and experience for the following post.

IT Risk Officer

Key Responsibilities

Ensure CBSL Baseline Security Standard guideline is adhered by the Bank without

exceptions

Review & validate information Security risk awareness.

Evaluate the adequacy and effectiveness of IT systems & infrastructure System controls/Strategies/ Policies & Procedures/Agreements.

Conduct pre and post implementation reviews of IT systems and ensure they are aligned with

risk appetite of the Bank

Closely work with IT & Audit to review initiatives linked to IT security.

Evaluate IT system risks and draft IS audit reports with recommendations.

Close coordination with HR in identification and resolving of knowledge gaps in information security via suitable training programs.

Review and follow up actionable items on reports of periodic penetration testing/vulnerability

assessments/ external events of significance escalate to EIRMC. Proactive participation in the yearly IT BCP drill conduct by the Risk Management Division.

Carry out sample control testing of IT risk linked procedures and processors based on critical areas of significance.

Ensure effective functioning of II security incident management system.

Develop, monitor and report IT security related KPIs.

Reviewing of IT policies

Escalate risk related to system implementation.

Qualifications

A Bachelor’s Degree in Information Technology. Computer Science, or Information Systems Management from a UGC recognized University with one of the following qualifications. -IT security certificate (CISA, CISM, CISSP, OSCP, OSCE, GIAC, ISO 27001 lead auditor/ implementer)

Experience

Overall four (04) years of experience in a Bank /Financial institutions / IT risk advisory or assurance Hands on work experience in information security with experience in either network or application security. The candidate should have good communication, interpersonal skills.

Remuneration

Salary Scale- Rs. 62,060-980 x 20-81.660 per month together with bank approved allowances (Cost of Living, Rent & 10% Allowance. Total monthly gross salary would be Rs. 155,000/- approximately).

Age Not more than 40 years (However the age limit will not apply to those already employed in a state sector organization)

General Conditions

Method of Selection Selection by an Interview as per the recruitment policy and procedure of the bank

Closing Date for Applications 18.04.2024

How to Apply

Interested qualified candidates should send their Curriculum Vitae and copies of their Educational/

Professional transcripts and the names, addresses and contact numbers of two professional non-

related referees via the below email address.

All applications will be treated in strict confidential and any form of canvassing will be regarded as a

disqualification. The Bank reserves the right to decide the selection, postponement or cancellation of

recruitment or any other action and/ or change the selection criteria for this recruitment. The decision

of the Board of Directors will be final and conclusive.

Applications should only be sent via careers@smib.lk