Summary

Overview

Work History

Education

Skills

Websites

Certification

Timeline

Agnes Magombedze

Wellington,New Zealand

Summary

Dynamic technology risk leader with extensive experience at the Bank of New Zealand, driving risk assessment and regulatory compliance initiatives. Proven track record in enhancing security posture and mitigating third-party risks, leveraging data analysis and strategic policy development to achieve sustainable compliance and governance. Strong collaborator and trusted advisor to cross-functional teams.

Overview

years of professional experience

Certification

Work History

Head of Technology Risk

Bank of New Zealand

Wellington, New Zealand

05.2021 - Current

Lead a team of technology risk experts at the Bank of New Zealand, providing risk and compliance support to technology business units.
• Develop risk insights driven by data to enhance the technology control environment, and provide executive understanding.
Collaborate with cross-functional teams to implement innovative solutions for technology risk management.

Senior Manager - Technology & Digital Risk

Bank of New Zealand

Wellington, New Zealand

02.2020 - 05.2021

Led a team to increase technology risk assessment coverage, leading to better identification and mitigation of potential risks, enhancing the overall security posture.
Led the team to complete 100% asset-level control and risk assessments, ensuring sustainable compliance with APRA CPS234 regulatory obligations. It resulted in enhanced risk management and governance for the organization.
Led the team to complete third-party risk assessments, identifying and addressing high-risk vendors, strengthening risk mitigation strategies, and protecting the business from potential disruptions.
Served as a trusted advisor to the Technology and Digital business units, assisting in the mitigation of over 50% of risks and controls, ensuring compliance and project execution accountability, and aligning with the business's risk appetite, ultimately improving overall risk management and governance.
Delivered better compliance and reporting of security compliance across all levels of technology.
Introduced and strengthened technical standards for maintaining security configuration through system enforced compliance.
Promoted security compliance across all infrastructure systems through near real time reporting and continuous monitoring through tripwire/puppet/chef.
Promoted the adoption of best practice risk policy and process frameworks from within Technology into Group, Business and the extended technology teams by understanding the respective operating contexts in relation to policy and process frameworks.
Led the implementation of a new operational risk framework that included consideration and management of technology risks within the business.
Identify and assist in the identification of operational, technology and compliance risks and creation of valid and appropriate risk treatment plans for all risks.

Snr Manager - Operational Security & Compliance

ANZ

Wellington, Wellington

01.2019 - 02.2020

Directed recruitment, hiring, and training of new staff members.
Coached, mentored, and trained team members to improve their job performance.
Implemented and enforced technical standards to enhance security compliance at all technology levels.
• Strengthened security configuration through system-enforced compliance measures.

Operational Security & Compliance Manager

ANZ

Wellington, Wellington

07.2015 - 12.2018

Oversaw security compliance efforts utilizing tripwire, puppet, and chef for effective real-time system monitoring.
Led a team of security operations professionals to ensure comprehensive governance of internal audit processes.

Operational Risk & Compliance Manager

ANZ

Wellington, Wellington

03.2010 - 06.2015

Participated in industry forums and conferences related to compliance topics.
Assisted with the development of training materials for employees regarding compliance requirements.
Implemented a new operational risk framework to manage technology risks within the business at ANZ in Wellington, New Zealand.
• Promoted the adoption of best practice risk policy and process frameworks from Technology into Group and Business teams.
• Led the understanding of operating contexts to enhance policy and process frameworks' alignment.

Security Consultant

Deloitte New Zealand

Wellington, New Zealand

03.2008 - 03.2010

• Conducted network security assessments, and developed policies for critical infrastructure systems security reviews in the financial and telecommunications industries.
• Led PCI DSS scoping and assessments, ensuring compliance with industry standards.
• Collaborated with teams to enhance security measures, and mitigate risks for clients.

Advisor

Ernst & Young

Harare, Zimbabwe

01.2006 - 02.2008

Managed IT audit engagements in various industries, including banking, finance, insurance, and manufacturing.
• Completed Reserve Bank of Zimbabwe security certifications for four major banks.
Supervised interest recalculation through computer-aided auditing techniques for enhanced security measures.

Snr Systems Analyst/Programmer

CFX Merchant Bank

04.2003 - 12.2006

Managed IT support at CFX Merchant Bank in Harare, Zimbabwe, overseeing network administration, antivirus management, and code changes to support business processes.
Implemented changes to nodes, users, and printers, ensuring antivirus software updates, and smooth network operations.
• Developed and executed code changes to enhance business processes and support company goals.

Education

Post Graduate Diploma - Business Administration and Management

Massey University

New Zealand

12.2016

Bachelor of Business Administration (B.B.A.) - Computer and Management Information Systems

Solusi University

12.2002

Skills

Risk assessment
Data analysis
Regulatory compliance

Third-party risk management
Security compliance
Policy development

Websites

linkedin.com/in/agnesmagombedze

Certification

Certified Information Systems Auditor (CISA), ISACA
Certified Information Security Manager (CISM), ISACA
Certified In Risk and Information Systems Control (CRISC), ISACA

Timeline

Head of Technology Risk

Bank of New Zealand

05.2021 - Current

Senior Manager - Technology & Digital Risk

Bank of New Zealand

02.2020 - 05.2021

Snr Manager - Operational Security & Compliance

ANZ

01.2019 - 02.2020

Operational Security & Compliance Manager

ANZ

07.2015 - 12.2018

Operational Risk & Compliance Manager

ANZ

03.2010 - 06.2015

Security Consultant

Deloitte New Zealand

03.2008 - 03.2010

Advisor

Ernst & Young

01.2006 - 02.2008

Snr Systems Analyst/Programmer

CFX Merchant Bank

04.2003 - 12.2006

Post Graduate Diploma - Business Administration and Management

Massey University

Bachelor of Business Administration (B.B.A.) - Computer and Management Information Systems

Solusi University

Agnes Magombedze

Summary

Overview

Work History

Head of Technology Risk

Senior Manager - Technology & Digital Risk

Snr Manager - Operational Security & Compliance

Operational Security & Compliance Manager

Operational Risk & Compliance Manager

Security Consultant

Advisor

Snr Systems Analyst/Programmer

Education

Post Graduate Diploma - Business Administration and Management

Bachelor of Business Administration (B.B.A.) - Computer and Management Information Systems

Skills

Websites

Certification

Timeline

Head of Technology Risk

Senior Manager - Technology & Digital Risk

Snr Manager - Operational Security & Compliance

Operational Security & Compliance Manager

Operational Risk & Compliance Manager

Security Consultant

Advisor

Snr Systems Analyst/Programmer

Post Graduate Diploma - Business Administration and Management

Bachelor of Business Administration (B.B.A.) - Computer and Management Information Systems

Similar Profiles

Brooke AtkinsBrooke Atkins

Kathleen Pulemaava UitimeKathleen Pulemaava Uitime

Likhil LandgeLikhil Landge