Bayt.com
Mithun Nair, Specialist - Risk Management & Business Continuity

Mithun Nair

Specialist - Risk Management & Business Continuity

Aspire Zone Foundation

Lieu
Qatar - Doha
Éducation
Master, Business Administration
Expérience
19 years, 7 Mois

Partager Mon CV

Empêcher usager


Expériences professionnelles

Total des années d'expérience :19 years, 7 Mois

Specialist - Risk Management & Business Continuity à Aspire Zone Foundation
  • Qatar - Doha
  • Je travaille ici depuis avril 2018

▪ Responsible for managing the group Risk Management and Business Continuity portfolio of the foundation, consisting of Aspetar Hospital, Aspire Academy, Aspire Logistics, Sports Facilities and Corporate Office.
▪ Drove area of ORM in alignment with local regulation and RM framework.
▪ Directed and supervising BCM developments, plan implementation and BC program management.
▪ Oversee semi-annual operational risk assessment exercise with all functional areas to produce the Operational Risk Register. Feed relevant inputs for the determination of the high risks.
▪ Established Key Risk Indicators (KRIs) and determined the limits and monitor these on a quarterly basis.
▪ Coordinate with Executive management and Functional leaders (Technologists, Corporate Support, Medical Advisors, Academicians) in establishing business continuity strategies and operational resilience.
▪ Established an operational risk appetite and monitored the risk profile to ensure compliance. Carried out loss data event collection and Reported quarterly dashboard to the Risk Management Committee.
▪ Optimize resources management by identifying, designing, and implementing common Operational Risk & Business Continuity strategies across the foundation.
▪ Established ORM, BCM policies, objectives, scope, framework, KPIs, success criteria, and project plans.
▪ Reviewed and evaluated subsidiaries BCM plans, strategies, BCM documentation, training needs, resources requirements, budget, test plans, test reports, BIAs, risk assessment, and mitigation plans.
▪ Established and executed three years training program; to impart alleviate the practical knowledge, hands-on experience, and resiliency maturity at the strategic, tactical, and operational levels.
▪ Digitized BCM training and awareness program to minimize operational cost.
▪ Designing and facilitating periodic emergency drills, Business relocation exercise and crisis call-outs.
▪ Conducted BCM due-diligence audits, cross functional audits.
▪ Participated in international forums to ensure adherence to regulatory expectations, global standards ISO 22301, and industry best practices for strengthening resilience directives across the foundation.

Senior Manager- Business Continuity & Internal Controls à Al Ahli Bank of Kuwait
  • Koweït - Al Koweït
  • décembre 2015 à mars 2018

▪ Provided senior management with an oversight of Integrated Business Continuity framework to ensure resiliency and continuity of operations between Kuwait and UAE.
▪ Established collaborative approach towards response and resolution of incidents involving Information Technology, Facility Management, and business units for crisis management.
▪ Reviewed Technology transformation plan of migrating Core banking system and surround applications into a unified enterprise architecture for the new vision of “Simpler Banking”
▪ Reviewed solution architecture to ensured high availability of operational resilience during data migration and process cutovers for Treasury systems, E-channels, and Card management.
▪ Implement an internal control framework in alignment with RM macro framework. Conducted interviews with the process owners to understand the nature of existing controls against key risks within each process.
▪ Evaluated design effectiveness(DE) and operational effectiveness(OE) of existing controls and agree an action plan to address the gaps including technology migration phases and point of no return.
▪ Drove bank wide Business Impact Analysis (financial impact & non-financial impact) Threat Risk Assessment.
▪ Revamped and digitized BCM Policy, strategy, recovery plans for simpler governance and improved recovery timelines (RTO’s / RPOs) as part of bank’s new vision and strategy.
▪ Oversee DR Tests and BC exercises to ensure results are progressively improved as per defined parameters.
▪ Led team of BCP Analysts and BCP officers.

Manager - Business Continuity Management à Kuwait International Bank
  • Koweït - Al Koweït
  • mars 2014 à décembre 2015

▪ Completed all pending transition formalities of BCM Department from Corporate support to Risk Management.
▪ Expanded DR capacity in terms of System, Storage as well as workstations within allocated budget.
▪ Provide DR guidelines and reviewed IT DR Plan. Managed IT DR simulation test on ETHIX- Core Banking System.
▪ Successfully performed Failover test (Systems / application / network) for core banking, branches.
▪ Ensure business & support units establish continuity measures for bank's new products and services.
▪ Supported operational risk assessment of RCSA, Investigations on Events and root cause analysis of incidents, control evaluations and preparations of reports to Risk Management committees.
▪ Analyzed loss events and created measures to protect the bank by means of recommending design workflow processes, updating policies and procedures, adding system enhancements.
▪ Reviewed changes to business operational risk profiles are adequately considered, mitigated, and addressed prior to the implementation of major projects and products.
▪ Assisted Chief Risk Officer in preparation of annual budget, and reporting BCM performance scorecard to Board Risk Committee.

Manager - Information Security & Business Continuity à Boubyan Bank K.S.C
  • Koweït - Al Koweït
  • avril 2008 à mars 2014

▪ Led Information security implementation efforts across the bank and successfully achieved ISO 27001 Information Security Management System for the Bank.
▪ Established data classification, information labelling, CIA valuation and performed Risk assessment, Business Impact Analysis, defined recovery strategy for iMAL- Core Banking System.
▪ Established Recovery Time Objectives for Networks/ Servers/ Database/ Tools and Resources bank wide.
▪ Defined risk parameters, baselines controls and implemented PCI-DSS on Visa/Master Cards Data services.
▪ Established DR site and alternate BCP locations with workstations to cater bank’s mission critical operations.
▪ Spearhead bank’s Security Intelligence Management project, integrated bank wide physical security and building security control systems to a unified security control platform.
▪ Evaluate Branch traffic (Arrivals & Services) and design Branch Matrix for Implementing Branch Recovery plans.
▪ Implemented RPX Recovery Planner automation solution to digitize recovery planning.
▪ Performed Applications, Network Failover tests for core banking and supporting systems.
▪ Conduct DR /BCP simulation exercise, Full scaled Mock drill and successfully managed two live events.
▪ Assisted CIO in defining Policy and Procedures, end of day and cut-over process, IT Governance processes and Due diligence reports.

Asst. Manager and Manager – Risk Assurance Service ( IT Audits) à Deloitte
  • Etats Unis - Wisconsin
  • janvier 2006 à mars 2008

▪ Audited IT Controls, processes, security policy and procedures at client facilities to ensure Confidentiality, Integrity, and Availability triad, to ensure client data are secured, and recoveries are guaranteed.
▪ Introduced Integrated Resilience Management (IRMS) and performed Application Profile Indexing for the successful implementation of Living Disaster Recovery Planning System (LDRPS) to client (Citi Bank)

Business Analyst à Ibm - India
  • Inde - Pune
  • mars 2004 à avril 2005

▪ Core team member to implement BS7799 Information Security Management Systems across India locations.
▪ Assisted in implementation planning, analyzing, and tracking security requirements for projects.

Éducation

Master, Business Administration
  • à Visveswaraiah Technological University
  • mars 2004

Business Administration & Information Systems

Baccalauréat, Commerce & Taxation
  • à University of Kerala
  • mars 2001

Commerce & Taxation

Specialties & Skills

ISO Auditor
+Endorse 0
Business Continuity
+Endorse 0
Disaster Recovery
+Endorse 0
ISO 27001
+Endorse 0
Risk Management Systems
+Endorse 0
ISO 27001 Information Security
+Endorse 0
Business Continuity
+Endorse 0
Crisis Response and Emergency Management
+Endorse 0
Information Technology Governance
+Endorse 0
Building Management and Security Integration Systems
+Endorse 0
Disaster Recovery
+Endorse 0

Langues

Anglais
Expert

Formation et Diplômes

ISO 22301 BCMS Lead Auditor (Certificat)
Date de la formation:
June 2019
Valide jusqu'à:
June 2005
CRISC (Certificat)
Date de la formation:
July 2010
Valide jusqu'à:
July 2010
Certified Business Continuity Lead Auditor (Certificat)
Date de la formation:
May 2014
Valide jusqu'à:
December 2019
CBCI (Certificat)
Date de la formation:
January 2019
Chartered Risk Analyst - CRA (Certificat)
Date de la formation:
April 2010
Valide jusqu'à:
April 2010