About this IT Governance - Security & Resilience role at Bank of Jordan
We are looking for an experienced IT Governance – Security & Resilience to join our team and play a key role in strengthening the Bank's IT governance, cybersecurity, and operational resilience capabilities.
In this role, you will serve as the primary IT liaison for security and resilience matters, working closely with the Cybersecurity Department to ensure that IT operations, systems, projects, and processes comply with security standards, regulatory requirements, and industry best practices.
Key Responsibilities
- Collaborate with the Cybersecurity Department to implement security policies, standards, and controls across IT systems and infrastructure.
- Ensure IT operations, projects, and technology changes comply with governance frameworks such as ISO 27001, NIST Cybersecurity Framework (NIST CSF), COBIT, and applicable banking regulations.
- Translate cybersecurity requirements into effective IT governance processes, procedures, and operational guidelines.
- Coordinate security and risk assessments for all IT projects, system changes, and technology deployments as part of the Bank's governance and change management processes.
- Govern the IT risk management process by identifying, assessing, monitoring, reporting, and mitigating IT risks in alignment with Enterprise Risk Management (ERM) practices.
- Monitor the Bank's IT risk posture and ensure timely remediation of security vulnerabilities, compliance issues, audit findings, and control gaps.
- Lead the governance of IT Business Continuity and Disaster Recovery (BC/DR), ensuring critical IT services have documented, tested, and continuously improved recovery capabilities.
- Coordinate IT audits, regulatory inspections, and compliance reviews while maintaining governance documentation, policies, standards, and procedures.
- Prepare regular reports and dashboards on IT security posture, risk exposure, compliance status, resilience readiness, and governance metrics for senior management and governance committees.
- Support IT incident response activities in coordination with the Cybersecurity Department, including incident escalation, communication, post-incident reviews, and tracking corrective and preventive actions.
- Promote a strong culture of security awareness, governance, compliance, and operational resilience across IT teams.
Requirements
- Bachelor's degree in Information Technology, Computer Science, Information Security, or a related field.
- Proven experience in IT Governance, Information Security, IT Risk Management, IT Audit, or Operational Resilience, preferably within the banking or financial services sector.
- Strong knowledge of ISO 27001, NIST CSF, COBIT, IT risk management, business continuity, disaster recovery, and regulatory compliance.
- Excellent analytical, communication, stakeholder management, and reporting skills.
- Professional certifications such as CISA, CRISC, CGEIT, CISSP, or ISO 27001 Lead Implementer/Auditor are considered an advantage.