First Abu Dhabi Bank

Senior Analyst- Technology Risk Management

Bangalore, in February 25, 2026 Full Time Greenhouse

Job Purpose:

Candidate will work with VP, Head of Service Risk, AO & Digital Platforms to ensure GRC Operational activities are executed as per the agreed timelines in line with the requirements.

Key Accountabilities:

GRC Operations 

  • Implement GRC activity oversight mechanism across the unit and ensure implementation of proper tracking & reporting systems.  
  • Track and complete GT BIA/BCP related requirements as per the GBCM timelines. 
  • Track, monitor and report GT related periodic UAE regulatory requests & reporting. 
  • Actively work with the team to improve GT Risk Remediation activities and implement proper governance mechanisms. 
  • Ensure timely completion of IT Risk Operations activities.  
  • Manage Data Leakage Prevention (DLP) notifications and implement improvement initiatives to optimize the monitoring policies.
  • Ensure timely remediation of DLP alerts and necessary actions as per the organization policies. 
  • Act as a point of contact for GIA for TechGRC audit activities.  
  • Implement proper tracking mechanism for Operational Risk Incidents to ensure compliance with GORM policies.  
  • Ensure all the GRC systems used by 3 lines of defense are in sync and execute periodic reconciliation activities. 
  • Work with the teams to have definitive plans for GIA issues and other key risk items to ensure timely remediation. 
  • Identify and implement automation initiatives to improve overall GRC operations. 
  • Implement initiatives to improve ways of working with 2nd line & 3rd line functions. 
  • Produce timely and accurate MIS for GRC related activities to be covered as part of regular reporting. 

Technology Risk Management Framework:

  • Review and provide inputs on IT risk management framework to ensure efficiency and effectiveness of the process performance
  • Review and provide inputs on technology policies, processes & standards to ensure proper coverage of technology controls and metrics
  • Conduct regular reviews and assessments to assess adherence to Group policies and standards for effective implementation within Group Technology (GT)
  • Review and provide input on standard technology risk and control library
  • Implement the cyber risk assessment model and analysis approaches
  • Conduct various assurance initiatives and internal reviews across GT
  • Identify and implement control automation initiatives across GT

Cloud Management

  • Participate in conducting due diligence of cloud service providers and ongoing cloud service providers assessments.
  • Assess cloud solutions and determine risk of technology architecture, implementation, and suitability for the organization.
  • Review cloud service providers contracts for compliance with Group policies/processes and ensure relevant controls are considered in the contract with cloud service providers.
  • Assess the risk implications of digital innovation and its impact on technology risk profile of the bank. Provide recommendations to optimize the risks and ensure technology policy and process alignment.
  • Conduct in-depth technical security reviews, risk assessments, and architecture reviews for Cloud based technologies and solutions to ensure alignment with information security policies and technology guidelines.

DevOps/DevSecOps/Agile Practices

  • Provide inputs to development and maintenance of policies, frameworks, methods and standards for the DevOps and agile practices.
  • Ensure risk and security control requirements are considered during the early stages of the development lifecycle
  • Review possible bottlenecks of running the application in production and suggest service improvement plans.

Technology Risk Identification & Assessments:

  • Work with service teams on various risk and control assessments activities and ensure technology risks are managed as per FAB policies and standards.
  • Participate in Project & Change reviews to ensure appropriate treatment of technology risks.
  • Execute periodic risk assessment activities to identify vulnerabilities, threats and control effectiveness.
  • Assess the severity of each risk by assessing likelihood and impact. Work with stakeholders on the residual risk ratings and potential risk exposure.

Technology Risk Treatment & Review:

  • Support development of risk treatment strategies to maintain the bank’s risk posture at the desired level.
  • Ensure proper implementation of risk treatment options such as mitigation, transfer, acceptance etc. and help IT teams in mitigation or acceptance of risks/issues.

Technology Risk Monitoring & Reporting:

  • Review risk items and define Key Risk Indicators (KRI) to monitor high risk areas.
  • Produce periodic risk profile reports and KRI reports to senior management.
  • Work with technology teams to review Major incidents Reports and identify risk/control measures to prevent incident reoccurrence.

Job Context:

Key Performance Indicators:

  • Timely remediation of DLP alerts and associated actions.
  • Participation in relevant service line specific EA community sessions to address the GRC requirements
  • Completion of Risk and Control Self-Assessments as per the agreed schedule
  • Remediation of Technology GRC risk issues as per the established timelines
  • Adequately monitor and supervise remediation of Technology Service Line risk issues as per the agreed timelines
  • Ontime completion of KRI reporting and GORM incident management reporting
  • Completion of regulatory reporting activities as per the timelines
  • Adherence to GRC automation initiatives implementation plans
  • Ontime completion of mandatory trainings and meeting certification requirement
  • Ensure external audit and regulatory certifications are completed on time without non-compliance (PCI DSS, KPMG Statutory Audit, Swift CSF and NESA)
  • Coordinate with service lines to gather RFI’s and management response for GIA (Group Internal Audit’s) on time.

Knowledge & Experience:

  • 8 - 10 years of working experience in IT Security, Risk and Governance practices.
  • Experience with DLP (Data Leakage Prevention) management activities.
  • Knowledge and expertise in virtualization and cloud computing environments (different cloud models and types).
  • Hands on experience in using various Cloud Security best practices such as Cloud Security Alliance (CSA) guidelines and National Institute of Standards and Technology (NIST) guidelines.
  • Demonstrated experience in conducting technical risk assessments for various Cloud platforms.
  • Good understanding of process models and industry standards relating to IT Security, Risk and Governance.
  • Good understanding of security and risk management in financial institutions.
  • Excellent interpersonal skills and good oral and written communication skills.
  • Achievement of industry recognized certifications such as CISSP, CRISC, CCSP, CCSK, CISA etc.
  • Achievement of AWS and Azure cloud certifications is preferable.

Skills:

  • Relationship management
  • Influencing skills
  • Big picture thinker with attention to details
  • Strong change and communication skills
  • Strong analysis skills
  • Strong interpersonal skills
Apply on company site

How to Get Hired at First Abu Dhabi Bank

  • Tailor your resume to each specific Firstglobalmanagementservicesinc role — Greenhouse applications are evaluated per-position
  • Firstglobalmanagementservicesinc uses Greenhouse to manage applications; PDF format preserves your formatting through their parser
Read the full guide

How well do you match this role?

Check My Resume