• As an IT Risk SME – you would know that managing cybersecurity and technology risk is a major challenge for virtual banks going forward… 
• Virtual banks must adopt a fit-for-purpose risk management approach that balances the simplicity and convenience of digital platforms and mobile applications with data protection, cybersecurity controls and a highly resilient IT infrastructure. 
• By promoting trust using the latest technology for IT delivery and cyberdefense, virtual banks can provide innovative, reliable and secure banking experiences to all their customers.

Key Risk Factors Faced by Virtual Banks

• Information and cybersecurity riskTechnology stability and resilience riskPersonal conduct riskRegulatory riskThird-party risk – cloud governance and third-party – Software as a Service (SaaS) vendorsDo you have; 
• Solid IT Risk at a large leading bank experience – providing Software as a Service? 
• Will to start over and write your own processes and policies? 
• Experience in working with the Regulator directly? 
• Third party risk management experience? 

Then read on.. 

Main KPI’s would be (not limited to) … 

• To ensure the business risk management framework is effectively applied to technology and information systems and to oversee business continuity, security and quality 
• To plan, execute, and manage multi-faceted projects related to risk management, mitigation and response, compliance, control assurance, and user awareness 
• To oversee security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the business
• Manage expenditure planning and reporting within approved budget parameters
• Anticipate and meet the needs of clients and commit to continuous development and entrenchment of a customer service culture
• Establish mutually beneficial relationships with stakeholders that support thought leadership, innovative and integrated practice solutions
• Provide subject matter expertise and thought leadership
• Management of risk including identification, analysis and evaluation of risks across the business and oversee implementation of appropriate control measures to modify the risk.
• Oversee the monitoring and reviewing of risk performance
• Recommend and ensure implementation of required changes to IT risk and security policies and procedures
• Provide tactical direction and consultation on IT risk and compliance, contribute to IT risk reports, and review and assess quality and accuracy of IT reports
• Provide guidance on IT continuity and disaster recovery design and implementation for business disaster recovery management programs
• Provide input into the development and maintenance of the risk framework (a single view of the business’ risk profiles and tolerance)
• Planning, execution, and management of multi-faceted projects related to compliance, control assurance, risk management, security and infrastructure
• Serve in an advisory role in application development and infrastructure projects to assess risks
• Monitor IT incident and response management
• Drive IT Risk awareness training programs
• Monitor implementation and effectiveness of security outputs
• Liaise with Audit (Internal and External) and Contract reviews
• Collaborate with Operation Risk
• Participate in planned activities that are appropriate for own and employee development
• Develop, encourage and nurture collaborative relationships within Bank and/or across the Group
• Manage people by executing management responsibilities and create an environment that encourages employee growth and performance excellence
• Actively coach team through providing advice about subject matter, solutions, principles and processes, and personal progression with the aim to improve performance

Must Have experience in;

• Digital Banking knowledge is preferred 
• Additional Knowledge – South African Banking Regulations and Banking standards NCA, FICA, FAIS and TCF 
• Basel II
• Risk and Control Identification and Assessment 
• Risk tools 
• Creating reports
• Green fields – Develop risk control monitoring plan