· Develop, implement, and maintain information security policies, standards, and procedures aligned with banking regulations and industry standards.
· Support identification, assessment, and management of information security and cyber risks across systems, business processes, and outsourced services.
· Oversee information security aspects of third party and outsourcing risk, including participation in due diligence, risk assessments, and ongoing monitoring activities.
· Monitor and follow up on remediation of findings arising from penetration tests, vulnerability assessments, and other security testing activities, ensuring timely and effective closure.
· Assess information security, data protection, and governance controls for AI‑enabled systems and third‑party solutions, including risks related to data usage, model lifecycle, explainability, and alignment with applicable regulatory and supervisory expectations.
· Support internal/external and regulatory IT & Information Security Audits, including preparation of documentation, evidence collection, audit coordination, and follow up of findings.
· Conduct regular reviews of the information security control framework and recommend improvements as necessary.
· Stay informed on emerging cyber threats, regulatory developments, and supervisory expectations relevant to the banking sector.
· Support information security incident management processes, including documentation, reporting, and post incident reviews.
· Provide subject matter expertise and advice on information security matters to internal stakeholders.
· Ensure confidentiality and integrity in handling sensitive security related and regulatory information.
