Senior Digital Program Specialist - IT Governance, Risk, and Compliance (GRC)

The Asian Infrastructure Investment Bank (AIIB) is a multilateral development bank whose mission is financing the Infrastructure for Tomorrow—infrastructure with sustainability at its core. We began operations in Beijing in January 2016 and have since grown to 106 approved members worldwide. We are capitalized up to USD100 billion and Triple-A-rated by the major international credit rating agencies. Working with partners, AIIB meets clients’ needs by unlocking new capital and investing in infrastructure that is green, technology-enabled and promotes regional connectivity.

The Information Technology Department (ITD) is looking for an experienced IT governance, risk and compliance (GRC) Senior Digital Program Specialist to ensure compliance with internal policies, applicable regulations, and industry best practices. The ideal candidate will have in-depth knowledge of IT risk management, governance, and compliance frameworks, as well as experience working with various stakeholders, including the internal audit team, internal control team, external auditors and counterparties, and senior management. The IT GRC senior specialist will lead and manage IT GRC projects and initiatives, identify and mitigate IT risks, and develop and implement IT directives, administrative guidance, and procedures.

The Senior Digital Program Specialist will work in a start-up, fast-paced, rapidly changing work environment. They will have the opportunity to drive IT process design and will be exposed to cutting-edge cloud technology and a multilateral development bank’s business environment, where they can hone skills in risk management, communication, stakeholder management, planning, and project management.

Responsibilities:

• Maintain the IT risk management framework, conduct risk assessments and identify potential IT risks.

• Implement and maintain IT controls to mitigate identified risks and ensure compliance with applicable regulations and standards.

• Collaborate with internal and external auditors and the internal control unit to facilitate audits and control testing and ensure compliance with audit/control requirements and recommendations.

• Serve as a subject matter expert on IT governance, risk management, and compliance frameworks such as COSO, ISO27000, NIST, and GDPR, etc.

• Develop and deliver IT GRC training and awareness programs to educate employees and stakeholders on IT risk and compliance requirements.

• Monitor and analyze industry trends and regulatory developments related to IT governance, risk management, and compliance, and recommend appropriate actions.

• Lead and manage IT GRC projects and initiatives, including project planning, resource allocation, and progress tracking.

• Prepare and present IT GRC reports and metrics to senior management and other stakeholders to demonstrate compliance with applicable regulations and internal policies.

 Requirements:

• A minimum of 8 to 10 years of relevant experience in security, IT risk management, governance, and compliance frameworks.

• Successful track record of partnership across organizations to build trust and achieve shared goals.

• Possession of security and risk certifications, such as CISSP, CISM, CISA, CRISC, etc., would be an advantage.

• Good understanding and practical experience working with privacy and legal requirements, such as GDPR, data security, sanction, embargo, etc.

• Knowledge and experience in security, risk, and compliance frameworks such as COSO, NIST, ISO, SOX, etc.

• Solid skills in evaluating risks, understanding control, and developing governance processes to support the organization, articulate risks, develop consensus, raise awareness, and provide and implement solutions.

• Excellent communication and presentation skills. Able to communicate sophisticated and technical issues effectively and concisely to all levels.

• Ability to work collaboratively and effectively with other ITD teams, business units and other organizations.

• Effective in building partnerships with organizational leaders and influencing senior management.

• Experience in facilitating executive leadership meetings.

• Fluency in oral and written English is required.

• Master’s degree in IT, business management, risk management, or relevant field of specialization.

AIIB is committed to diversity, transparency, and inclusion. We believe our strength comes from having a team with the right diverse skills, experiences and abilities selected through a merit-based competitive process. We actively encourage applications from people from both within and outside AIIB members, regardless of nationality, religion, gender, race, disability, or sexual orientation.

Previous experience and qualifications will determine the grade and job title at which successful applicants will enter AIIB.

Join us and help create a prosperous and sustainable Asia while growing your career in a diverse and innovative environment.