Business Function
Group Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and aspire to delight our business partners through our multiple banking delivery channels.
Requirements
Job Purpose
The IT Risk Manager is responsible for end-to-end management of Technology risks, including conducting RCSAs, identifying, monitoring, mitigating risks, and ensuring adherence to internal and regulatory policies. The role oversees audits, compliance requirements, issue identification and closure, and supports regulatory and internal reporting obligations. It requires strong coordination across Technology, Operations, Compliance, and stakeholders to ensure a resilient and well-governed Technology environment.
Technology Governance & Risk Management
- Conduct and manage the full lifecycle of the Risk Control Self-Assessment (RCSA), including control identification, testing, effectiveness assessment, and documentation
- Identify, monitor, track, and mitigate Technology risks across applications, infrastructure, processes, and third-party engagements
- Facilitate and sign off risk acceptance (RA) proposals in accordance with internal policies and governance requirements
- Review, monitor, and support remediation for Change Management, Incident Management, and Problem Management activities to ensure risks are assessed and adequately addressed
- Drive timely creation and execution of mitigation plans, ensuring closure of risk items within committed timelines
- Strengthen ongoing risk monitoring through proactive checks, stakeholder dialogues, and thematic risk assessments
Audit & Compliance
- Manage all types of audits including regulatory (RBI/SEBI/MAS), internal audit, statutory audit, and concurrent audit. Support requirements for certifications including PCI DSS, ISO
- Front-end audit engagements by coordinating with auditors, managing walkthroughs, responses, and preparing teams for examination activities
- Conduct proactive internal checks prior to audits to assess readiness, validate evidence, and identify potential gaps in advance
- Lead evidence collection, quality assurance, submission, escalation handling, and end-to-end closure of observations
- Ensure accurate and timely reporting of audit statuses, progress updates, and action closure to senior stakeholders
- Minimize repeat findings through structured remediation, control enhancements, and process health checks
Self-Identification Of Issues
- Proactively identify issues, control gaps, deviations, and process weaknesses through continuous monitoring, thematic reviews, and internal assessments
- Track and monitor identified issues to ensure timely and effective closure with accountability across Technology teams
- Maintain accurate issue logs, update dashboards, and ensure evidence-backed closure as per governance requirements
- Promote a culture of proactive risk detection and transparent reporting across Technology units
Regulatory & Internal Reporting
- Prepare and submit regulatory reports including RBI tranche reporting, Cyber Security KRO and any other Technology-related compliance submissions, and supervisory artefacts as required
- Manage and track Key Risk Indicators (KRIs), perform trend analysis, and highlight emerging risks through structured KRI governance
- Support internal risk reporting including dashboards, governance packs, periodic updates for senior management, and management forums
- Ensure accuracy, completeness, and timely delivery of all regulatory and internal risk reporting commitments
- Developing internal controls checks to check adherence and reporting from time to time
- Driving automation of control checks and adoption of AI, data and automation into governance and risk practices
Risk Awareness & Culture
- Drive a strong risk-aware culture across Technology by promoting proactive identification of risks, early escalation, and transparent communication
- Conduct regular training sessions, awareness programs, and targeted workshops to strengthen understanding of Technology Risk, compliance expectations, and audit preparedness
- Partner with leaders and teams to embed risk-first thinking into day-to-day operations, project governance, and decision-making processes
- Foster continuous learning by sharing lessons from incidents, audits, and thematic assessments to prevent recurrence and enhance capability maturity
- Encourage teams to internalize accountability for controls, risk ownership, and adherence to regulatory and internal standards
Collaboration And Communication
- Collaborating with cross-functional teams to ensure Tech risk deliverables are met within committed deadlines
- Ensuring effective communication and collaboration across different technology teams and stakeholders
- Driving initiatives to enhance Tech Risk culture across units and create an environment for proactive action with regard to Tech Risks
Required Experience
- 5-8 years of relevant experience in IT Risk Management, Technology Audit, Compliance, or related roles
- Strong understanding of RCSA, risk frameworks, incident/change/problem management processes
- Hands-on experience managing regulatory, statutory, internal, and concurrent audits
- Experience with issue management, control testing, evidence management, and audit readiness
- Strong analytical skills and the ability to synthesize risk information for leadership consumption
- Familiarity with regulatory reporting (RBI/SEBI/MAS) and Technology-specific reporting standards
- Ability to identify control gaps and find solutions to mitigate the same
- Drive automation and adaption to new technologies to drive effective monitoring and risk oversight
- Experience with audit planning and reporting
Education / Preferred Qualifications
- Bachelor's degree in IT, Computer Science, Engineering, or related field
- Preferred: Master's in Technology/IS or MBA
- Certifications like CISA, CRISC, CISM, CISSP, ISO Lead Auditor are beneficial
Core Competencies
- Strong analytical and problem-solving capabilities
- Ability to engage with senior stakeholders with clarity and confidence
- High attention to detail, discipline, and adherence to regulatory rigor
- Ability to manage multiple priorities and meet strict timelines
- Strong collaborative mindset with a risk-aware work ethic
- Strong communication and interpersonal skills
- Change / Innovation Orientation
Technical Competencies
- Strong understanding of IT controls, risk frameworks, audit methodologies, and regulatory standards
- Proficiency in data analytics and use of automation/AI tools for risk and compliance monitoring
- Knowledge of ITGCs, application controls, access/privilege management, and infrastructure governance
- Familiarity with GRC tools, audit management platforms, and compliance systems
- Prior experience in risk management / governance / compliance in banking industry
- Prior experience of 5 to 8 years in governance / compliance in banking industry
Primary Location
India-Maharashtra-Mumbai
Job
Technology
Schedule
Regular
Job Type
Full-time
Job Posting
Feb 9, 2026, 2:30:00 AM