Vice President, Technology Risk Management, Enterprise Risk Management Division

Job Description

Title: Vice President, Technology Risk Management, Enterprise Risk Management Division

Company Name: bKash Ltd.

Vacancy: 1

Age: Na

Job Location: Dhaka

Salary: Negotiable

Experience:

• 8 to 12 years
• The applicants should have experience in the following business area(s): Banks, IT Enabled Service, Multinational Companies, Audit Firms /Tax Consultant, Financial Technology (Fintech) Startup

• Master of Science (MSc) in Information Technology
• Master of Science (MSc) in Computer Science & Engineering
• Master of Business Administration (MBA) in Business Administration
• Master of Science (MSc) in Electronics and Telecommunication Engineering

• 8 to 12 years
• The applicants should have experience in the following business area(s): Banks, IT Enabled Service, Multinational Companies, Audit Firms /Tax Consultant, Financial Technology (Fintech) Startup

• Oversee multiple engagements as a Team Lead
• Strong project management skills
• Background in technology and risk management
• Knowledge of governance, operational risk, and three lines of defense
• Ability to handle technological risk governance in a fast-paced setting
• Proficiency in teamwork, client service, honesty, and leadership
• Prior coaching and junior team member development experience
• Understanding industry best practices
• Demonstrating excellent organizational and communication abilities
• Strong desire to succeed and inspire others
• Excellent analytical and problem-solving skills
• Commitment, creativity, and resourcefulness
• Ability to perform well under pressure
• Promotes a productive, creative, team-oriented work atmosphere

This role offers strategic and tactical guidance on technology planning, development, security, and compliance while working with stakeholders on information security risk analysis. The incumbent manages security risks across IT functions, implements first-line controls, and ensures governance. Key responsibilities include monitoring legal changes, developing remediation strategies, and conducting training to enhance risk awareness. By delivering briefings and documenting risks and controls, the incumbent safeguards the organization’s technological assets and fosters a proactive risk culture.

Job Responsibilities

• Establish and manage a framework for technology risk management that is flexible enough to adapt to changing market conditions in the context of a Fin-Tech environment

• Provide guidance on technology strategy, planning, security, and compliance

• Build a strong governance foundation for managing technology risk in a fast-paced environment

• Design, implement, and monitor effective first-line controls while maintaining operational risk integrity

• Support the Chief Product & Technology Officer in managing technology risk, including control design and risk monitoring

• Collaborate with stakeholders to conduct information security risk analysis

• Identify and assess potential risks and vulnerabilities in networks, IT infrastructure, and applications and develop strategies with tech teams to mitigate risks to infrastructure and assets

• Manage security risks across various IT areas, including applications, systems, networks, and web

• Develop security solutions for critical and complex applications, systems, and platforms

• Serve as a subject matter expert for vendor risk assessments to enhance vendor posture

• Monitor the legal and regulatory landscape for threats from technological changes

• Recommend and oversee updates to IT risk and security policies and procedures

• Maintain and update the organization’s technology risk register regularly while communicating with departments to address current and potential technology risk exposures

• Conduct training sessions on risk management and vulnerabilities for tech teams and provide briefings on risk and security issues impacting the business

• Lead application security risk assessments for new or updated internal and third-party applications

• Conduct impact analysis and report on significant risk trends and vulnerabilities along with mitigation strategies to ensure adequate resource protection and

• Create and update documentation for identified security risks and controls