IT Governance Manager - Information Security & IT Governance Department - Security & Risk jobs in Malta - March 2025

IT Governance Manager - Information Security & IT Governance Department

BNF Bank p.l.c., Central Malta

Published on 05 Mar 2025

Expires in 78 days (31 May 2025)


We’re a leading financial institution, a key player in the Maltese market and part of a highly diversified multinational group of companies. Employing a team of over 270 employees, the Bank offers a full range of lending and savings solutions to both personal and business customers. We strive to offer a highly personalised service through our network of thirteen retail branches spread across the Maltese Islands.

We’re a team of inspired people who believe that opportunities start with a conversation.

Duties & Responsibilities:

The IT Governance Manager leads the IT Governance Unit, which is responsible for establishing and maintaining the Bank’s IT governance framework, ensuring alignment with business objectives, regulatory requirements, and industry standards. This role oversees IT risk management, policy development, compliance, and performance monitoring across all IT operations. The IT Governance Manager collaborates with senior leadership to integrate governance practices into the Bank’s strategic goals and ensures continuous improvement in IT governance processes.

The person in this position will be responsible for the following:

  • Develop, implement, and maintain the Bank’s IT governance framework and roadmap to ensure effective oversight of IT assets and operations
  • Establish, review, and update IT policies, standards, and guidelines in accordance with regulatory requirements, industry standards (e.g., COBIT, ITIL), and evolving business needs
  • Define and communicate IT governance goals, metrics, and strategies to align with organisational objectives and secure executive support
  • Oversee the identification, analysis, and mitigation of IT risks across systems and business operations
  • Conduct regular risk assessments, audits, and compliance reviews to proactively manage IT risks
  • Ensure the Bank’s compliance with applicable IT regulations and standards
  • Serve as a primary point of contact for IT audits, addressing any findings and ensuring the timely resolution of audit-related issues
  • Develop, implement, and manage the organisation’s IT risk management plan, coordinating the IT team in response to risk events and incidents
  • Lead investigations for significant IT incidents, coordinating efforts with IT, legal, and compliance teams to manage and mitigate potential impacts
  • Oversee the development and deployment of IT performance monitoring and reporting programs, enabling early detection and response to governance issues
  • Supervise and mentor IT Governance Unit staff, providing guidance, performance feedback, and professional development support
  • Conduct regular team meetings and training sessions to ensure consistent awareness of current IT governance practices, best practices, and strategic objectives
  • Establish clear career pathways and growth opportunities for team members to foster a motivated, knowledgeable, and cohesive team
  • Lead the design and delivery of IT governance awareness programs for all employees, promoting governance-conscious behaviour and reducing IT risk
  • Partner with HR and other departments to develop mandatory IT governance training programs, ensuring employees at all levels are educated on governance practices, risk identification, and data protection responsibilities
  • Evaluate, select, and implement IT governance tools, systems, and services to strengthen the Bank’s governance capabilities
  • Manage relationships with third-party vendors and service providers, ensuring governance controls are in place and regularly evaluated for alignment with the Bank’s policies
  • Negotiate governance requirements and service level agreements with vendors, ensuring compliance with internal policies and external regulatory requirements
  • Track, analyse, and report IT governance metrics (Key Risk Indicators, Key Performance Indicators) to executive management, ensuring visibility of governance posture and progress against strategic goals; and
  • Prepare detailed IT governance reports, risk analyses, and status updates for the Head of Department and Executive Management, communicating key risks and improvement areas.

Competencies and Experience:

The potential candidate should be reliable, trustworthy and well-organised, with a disposition to learn and a team-oriented approach. The candidate should demonstrate excellent written and verbal communication skills in both English and Maltese, with the ability to communicate effectively using a high level of business English.

The person in this position must:

  • Be able to set and lead a comprehensive IT governance strategy aligned with Bank goals
  • Have proven experience in managing and developing an IT governance team, with strong mentorship and communication skills
  • Be proficient in IT governance frameworks (e.g., COBIT, ITIL) and have a thorough understanding of IT risk management methodologies
  • Possess extensive knowledge of regulatory compliance requirements, including, but not limited to, GDPR, ISO27001, DORA and NIS2
  • Be skilled in IT risk management and incident response, with the ability to lead investigations and coordinate across departments
  • Possess strong organisational and project management skills to prioritise tasks and manage resources effectively
  • Possess strong leadership and managerial skills, with experience in building and leading an IT governance team
  • Be proficient with governance infrastructure, including IT audit tools, risk management systems, and performance monitoring tools
  • Possess advanced problem-solving and analytical skills with strong communication abilities
  • Possession of recognised certifications (e.g., CGEIT, CRISC) is highly preferred
  • Have a minimum of a bachelor’s degree in Information Technology, Computer Science, or a related field. A Master’s degree in IT Governance, Risk Management, or a relevant discipline is preferred
  • CGEIT, CRISC, or similar certifications are highly preferred. Additional certifications such as ISO27001 Lead Implementer/Auditor, or similar, are advantageous
  • Have a minimum of 8 years in IT governance or a related field, with at least 4 years in a management or leadership role, preferably in a regulated industry like financial services; and
  • Have up-to-date knowledge of evolving IT governance practices, technologies, and regulatory changes affecting IT governance.

What We Offer:

  • Ongoing personal development
  • Preferential interest rates on home loans, personal loans and home value loans
  • Comprehensive support for academic advancement through fully subsidized staff study loans
  • Private clinic health insurance coverage, extendable to dependents
  • Life insurance and personal accident cover
  • Free ophthalmic examinations
  • Private counselling sessions in collaboration with Richmond Foundation
  • Additional half-day leave for birthday celebrations
  • Annual performance appraisals and salary reviews
  • €250 annual wellness allowance
  • Complimentary mammogram screenings for female employees aged over 40 and PSA screenings for male employees aged over 40
  • Flexible work arrangements (role permitting); and
  • Various corporate discounts.

BNF Bank plc is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.


Job Type: Full Time
Experience Level: Experienced (3 years +), Middle Management
Category: Security & Risk
Industry: Financial Services