IT Risk Assistant Manager

Who we are?

- onebank was established in 2020 as the company responsible for launching the 1st digital native bank in Egypt. The digital bank aims to create innovative solutions tailored to serve the needs of the banking customers in Egypt.

-Our main goal is to create a positive customer experience through the differentiated journey that our customers live while using the digital bank.

-Our Drive: We use our drive and commitment to energies, engage and inspire others, upholding the highest standards of work ethic, honesty and morality.

JOB PURPOSE

• Identify, assess, and mitigate IT-related risks impacting Bank operations, security, and compliance. Ensure potential threats to the Bank's technology infrastructure are proactively managed.
• Safeguard IT systems to protect financial assets, customer trust, and regulatory compliance.
• Contribute to Bank resilience, long-term growth, and operational integrity.

MINIMUM QUALIFICATIONS/EDUCATION/EXPERIENCE

• Bachelor’s degree in information technology, Computer Science, Risk Management, or a related field
• Professional certifications such as CRISC (Certified in Risk and Information Systems Control), CISM (Certified Information Security Manager), or CISSP (Certified Information Systems Security Professional).

Skills:

• Strong analytical, problem-solving, and decision-making abilities.
• Proficient in risk management tools and methodologies, with excellent communication and stakeholder management skills.
• 7- 10 years of experience in IT fields, IT risk management, Cybersecurity, Information security, and IT Audit.
• Proven leadership experience in managing IT risk, compliance, and governance frameworks.
• Extensive knowledge of risk management standards (e.g., ISO 27001, NIST) and regulatory requirements within the banking or financial services industry.

Job Duties & Responsibilities

1. Support the implementation and maintenance of the IT Risk Management framework to ensure technology risks are consistently identified, assessed, and monitored, by aligning with the bank’s risk appetite, policies, and regulatory requirements.

2. Perform comprehensive IT risk assessments /RCSAs across infrastructure, applications, and technology processes to identify control gaps and residual risks, ensuring appropriate mitigation actions are defined and tracked in coordination with IT , Information Security and cybersecurity teams.

3. Monitor and analyze Key Risk Indicators (KRIs) and Key Control Indicators (KCIs) related to IT risks in order to detect emerging issues and control weaknesses, by leveraging risk dashboards and reporting tools.

4. Review IT policies, procedures, and standards from a risk perspective to ensure alignment with regulatory requirements and internal governance expectations, by coordinating with relevant stakeholders and control owners.

5. Track remediation plans and risk treatment actions to ensure timely closure of identified gaps and issues, by following up with responsible teams and escalating overdue or high-risk matters when necessary.

6. Assess IT-related incidents, problems, and changes from a risk perspective to evaluate root causes, control effectiveness, and potential systemic risks, ensuring lessons learned are incorporated into the risk framework.

7. Support internal and external audit engagements by providing risk-related documentation, evidence, and clarification, ensuring transparency and alignment with audit expectations.

8. Promote IT risk awareness across technology and business teams by providing guidance on risk identification, control design, and risk ownership, fostering a strong risk culture within the organization.

9. Prepare periodic IT risk reports and dashboards to provide management with clear visibility over the risk posture, key exposures, and mitigation progress, enabling informed decision-making.