Digital Programme Manager

Digital Program Specialist - IT Risk and Program Management The Asian Infrastructure Investment Bank (AIIB) is a multilateral development bank whose mission is Financing Infrastructure for Tomorrow in Asia and beyond-infrastructure with sustainability at its core. We began operations in Beijing in 2016 and have since grown to 110 approved members worldwide. We are capitalized at USD100 billion and AAA-rated by the major international credit rating agencies. Collaborating with partners, AIIB meets clients' needs by unlocking new capital and investing in infrastructure that is green, technology-enabled and promotes regional connectivity.
The Information Technology Department (ITD) provides technical services in the areas of digital services, IT-related procurement, cybersecurity, IT risk and resilience, data management, digital learning, and digital transformation, ensuring their overall alignment with the Bank's needs and priorities. The team oversees the development and refinement of the IT strategy as well as the effective management of technology resources and the provision of technical support across Bank operations. These efforts are critical to fostering a digital and data-driven culture within the Bank aligned with its Corporate Strategy, promoting the innovation of digital infrastructures, and ensuring the smooth operation and security of daily functions.
The ITD is seeking a highly skilled and motivated Digital Program Specialist in IT Risk and Program Management. This position plays a critical role in managing the Bank's IT supply chain risks, including IT outsourcing, third-party security, cloud services, and embargo and sanction risks related to IT vendors and products. Additionally, the role supports IT security and AI risk program management, working closely with various IT function teams to strengthen security governance, ensure compliance, and mitigate AI risks. This position requires a unique blend of expertise in assessing IT supply chain and third-party security risks, AI risks, project and program management, and driving continuous improvement in risk posture.

Responsibilities:

• Conduct IT security and risk due diligence on vendors and third parties during the related corporate procurement stages.
• Collaborate with corporate procurement, legal, compliance, and IT teams to ensure vendors' security risks and embargo and sanction risks are assessed.
• Lead the Third-Party Security Assessments (TPSA) program to evaluate, mitigate, and monitor security risks associated with IT vendors and suppliers, also including outsourcing supplier, cloud service providers, open-source technologies, and product security.
• Coordinate IT outsourcing management activities, including outsourcing planning, risk assessment, performance monitoring, and compliance oversight, to ensure alignment with the Bank's outsourcing management requirements.
• Support the Team Lead of IT Risk, Resilience and Cyber Security to oversee the Responsible AI Governance framework, policies, and standards, ensuring compliance, ethical standards, and risk mitigation are embedded throughout the development lifecycle.
• Conduct ongoing risk assessments of AI use cases and systems, and implement tailored oversight and risk controls based on use case criticality and AI maturity.
• Coordinate with various IT and business teams to support IT security and risk initiatives, ensuring alignment with bank requirements and industry best practices.
• Track, analyze, and report on the effectiveness of IT security and risk programs using key metrics and data insights, ensuring compliance with security requirements and supporting continuous improvement.
• Support internal and external IT audits, ICFR control testing, risk control assessment, etc.
• Manage vendors, including procurement, contracting, performance management, etc.

Requirements:

• Bachelor's degree in computer science, information security, data science, risk management, or a related discipline. Master's degree would be a plus.
• 5-8 years of relevant working experience in IT risk and program management and relevant fields, preferably with financial institutions.
• Hands-on experience conducting due diligence and third-party security risk assessments.
• Strong knowledge of IT outsourcing risk, cloud risk, AI risk, embargo and sanction risk.
• Familiarity with cloud security principles and cloud-native security solutions on Azure and AWS.
• Strong understanding of information security, AI and privacy standards, frameworks and compliance requirements, including ISO 27001, NIST AI RMF, NIST CSF, NIST SP800, SOC 2, GDPR, etc.
• Certifications such as CISSP, CISM, CRISC, PMP, and ISO 27001 Auditor would be an advantage.
• Strong business acumen and the ability to balance technical security needs with business priorities.
• Ability to work effectively in a multicultural organization.
• Excellent written and oral English language skills.
• Strong data analysis, reporting, writing, and communication skills, with the ability to interpret complex data and prepare clear, actionable reports and insights for executive-level stakeholders.
• Excellent project management skills and attention to detail, with the ability to lead the team to manage multiple workstreams.

AIIB is committed to diversity, transparency, and inclusion. We believe our strength comes from having a team with the right diverse skills, experiences and abilities selected through a merit-based competitive process. We actively encourage applications from people from both within and outside AIIB members, regardless of nationality, religion, gender, race, disability, or sexual orientation.
Previous experience and qualifications will determine the grade and job title at which successful applicants will enter AIIB.
Join us and help create a prosperous and sustainable Asia while growing your career in a diverse and innovative environment.

ALL CURRENT VACANCIES * Closing Date: All opportunities close at 11:59 p.m. (GMT+8) on the dates listed.
** Job Type: Recruitment of staff is conducted through a merit-based competitive selection process. AIIB shall strive to provide employment opportunities open to all suitably qualified applicants, regardless of religion, gender, race, disability, sexual orientation or nationality.

---