MEMOONA JAVERIA ANWAR

Compliance

• Utilizing understanding of policies, laws, and regulations to make judgments with minimal guidance.
• Collaborating on compliance strategies, execute compliance tasks, and assist in developing compliance tools and processes.
• Defining and testing controls, identify areas for improvement, and ensure delivery of regulations across teams.
• Conducting routine and complex audits, perform quality data checks, and contribute to compliance reporting with some guidance.

Governance

• Utilizing knowledge of policies, laws, and regulations to make informed decisions independently, aligning with business needs. interpreting the information to safeguard the company and its customers while advancing the business. Identifing non-conformance issues, escalating them to management, and adhering to program guidelines based on corporate policies.
• Determining ownership and accountability for key risks and mitigation activities with minimal guidance.
• Continuously reporting on risk levels and updating accountability owners on their status.
• Assisting in presenting risk assessment information, detailing relevant behaviors, activities, processes, and associated risks to ensure stakeholder awareness, support, and approval.

Controls

• Assessing end-to-end operational processes and dependencies for efficiency and effectiveness opportunities. Recommending process and control improvements (e.g., preventative/detective and automated/manual) to mature the control environment.
• Testing controls to determine their effectiveness and identifing areas for improvement, offering design adjustment suggestions with minimal guidance.
• Collaborating with the team to define controls, identifying potential failure points, and ensuring routine issues are addressed during the design process with minimal guidance.
• Conducting periodic reviews of existing controls to ensure they remain effective and relevant to the current risk environment. Providing feedback on control performance and suggesting enhancements to improve efficiency and effectiveness.
• Ensuring that controls are aligned with industry standards and regulatory requirements, making adjustments as necessary to stay compliant.

Consult/Advise/Educate

• Collaborating across teams to ensure consistent application and delivery of regulations and standards, delivering training and beginning to take ownership of training aspects.
• Advising on compliance of products, processes, and programs.
• Educating teams on compliance requirements, reviews result, conducts informal assessments, and monitors compliance within specific areas. Translating compliance standards and processes into relatable formats for teams.

Risk Assessment

• Executing the risk management lifecycle process and method for smaller projects, including data collection and analysis.
• Gathering and analyzing relevant internal and external information, threat intelligence reports, and conducting interviews or focus groups to identify risks, assess risk levels, and gathering additional context with guidance.
• Compiling information to understand job, project, or process risks and their root causes for routine projects.
• Scores risks and contributes to risk prioritization using appropriate risk profile scoring. Assists in developing risk scorecards using weighted scores and risk management models with guidance

Risk Remediation

• Reviews risk governance to ensure appropriate attention to specific risk areas with minimal guidance. Identifies and escalates concerns related to monitored risks.
• Drafts mitigation plans and processes, including risk registers and controls, helping accountability owners understand and implement plans to reduce risk with minimal guidance.
• Ensures alignment and agreement on risk reduction plans and processes, confirming accountability owners' capacity to drive mitigation efforts, and introduces necessary policy adjustments with minimal guidance.
• Coordinates across accountability owners to ensure proper tracking and trending of risk management activities.

• Industry Developments: Keeping abreast of industry developments by reading media releases, newspapers, regulatory circulars, and bulletins, attending industry seminars, workshops, academic conferences etc
• Compliance Advisory: Provide timely advice in relation to Compliance related enquiries from all Business Units including sales and trading queries, digital transformation initiatives etc
• Compliance Training: Conduct Compliance induction training for new staff and assist in the preparation and conduct of relevant Compliance training for various business units
• Compliance Policies, Procedures, Manuals and Rule databases – draft, update and maintain
• Meetings/Committees: Attend and prepare documents for regular internal meetings and committees to keep members apprised of any regulatory developments or regulatory risks
• Compliance Reviews: Conduct Desk Reviews of all business units for compliance with policies and procedures and prepare draft reports of findings for management
• Innovation initiatives: Designing architecture for open banking based digital identity verification reference architecture
• SOC2 framework: Creating and maintaining SOC2 documentation
• ISO27001: Implementing and maintaining ISO27001 based information security management system
• ISO 27701: Implementing and maintaining ISO 27701 based privacy information management system
• ACCC's Consumer Data Rights Initiative: Working on documentation and CDR data environment for open banking license
• Digital Identity Architecture: designing the architecture for Company's new digital identity product
• Design and architecture of consent management workflow for Australian Consumer Data Rights application.

• Designing an adaptive digital identity reference architecture
• Creating and maintaining ISO27001 and ISO 27701 documents
• Providing information security awareness training to organization personnel
• Overseeing information security audits, whether performed by organization or third-party auditor
• Managing security team members and all other information security staff
• Providing training to new employees during onboarding
• Implementing and overseeing technological upgrades, improvements, and major changes to the information security environment
• Serving as a focal point of contact for the information security team and the customer or organization
• Managing and configuring physical security
• Communicating information security goals and new programs effectively with other department managers within the organization
• Leading the research innovations team at Data Zoo
• Writing technical blogs.

• Designing adaptive digital identity reference architecture
• Creating and maintaining ISO27001 documents
• Writing technical blogs.

• Analyzing, designing, and coordinating the development of software systems to build a basis for the solution of information processing problems
• Object-oriented Design and Analysis (OOA and OOD)
• Interpreting specifications, technical designs, and flow charts
• Developing user interfaces by determining design methodologies and tool sets; preparing a workflow chart and diagram using knowledge of computer and ASP.NET programming capabilities
• Developing custom web parts using visual studio (C#.Net and ASP.Net)
• Maintaining & tuning applications
• Maintaining systems by monitoring and correcting software defects
• Working closely with other staff, such as project managers, graphic artists, systems analysts and marketing professionals
• Testing new programs to ensure that logic and syntax are correct, and that program results are accurate
• Consulting clients/colleagues concerning the maintenance and performance of software systems and asking questions to obtain information, clarify details and implement information
• Project Planning and Project Management
• Analyzing system specifications and translating system requirements to task specifications
• Communicating with professional services resources to help them make sample applications for the clients.