Job Description

Closing Date 2026/02/11
Reference Number MMH260204-13
Job Title Group: Snr IT Risk Management - Momentum Group Coordination
Position Type Permanent
Role Family Information Technology
Cluster Group Digital and Technology Office
Remote Opportunity Some of the time
Location - Country South Africa
Location - Province Gauteng
Location - Town / City Centurion
Introduction
Momentum Group is a South African-based financial services group. Our retail and specialist brands drive to build and protect our client's financial dreams. We help people grow their savings, protect what matters to them and invest for the future. We help companies and organisation's care for and reward their employees and members.
Momentum Group is one of South Africa's largest life insurers and integrated financial services companies, operating through brands like Momentum, Metropolitan, Guardrisk, and Eris Properties. Through our own network of advisers or via independent brokers and utilising new platforms Momentum Group provides practical financial solutions for people, communities, and businesses. Visit us at www.momentumgroup.co.za
Disclaimer As an applicant, please verify the legitimacy of this job advert on our company career page.
Role Purpose
The Head of IT Risk Management (Group Coordination) is responsible for orchestrating, integrating, and elevating IT risk management across the Momentum Group's federated operating model. The role provides group-wide visibility, consistency, and insight into IT and technology-related risks by coordinating across Business Units, identifying common themes and systemic risks, and ensuring effective reporting, remediation, and regulatory alignment.
This role is not a BU execution role, but a group coordination, facilitation, and risk-intelligence role, enabling strong risk outcomes through collaboration, influence, and structured oversight.
.
Requirements
Experience
8 years' experience in risk management, with primary depth in IT Risk Management
Strong grounding in Enterprise Risk Management within a complex organisation
Experience operating in federated or multi-business group environments
Proven exposure to:
IT risk frameworks and assessments
Audit processes and regulatory engagement
Board and executive-level risk reporting
Industry Experience
Financial services experience strongly preferred
Experience in regulated environments with evolving technology and cyber risk landscapes
Qualifications
Relevant tertiary qualification in:
Risk Management
Information Systems
Technology, Audit, or related discipline
Professional certifications advantageous:
CRISC, CISA, CISM, CGEIT, or equivalent
Risk or governance-related certifications
Duties & Responsibilities
1. Group-Wide IT Risk Integration
Coordinate IT risk management activities across all Business Units within the federated group model
Build and maintain a group-level view of IT risk, consolidating BU risk profiles into umbrella and systemic risk themes
Identify cross-cutting risks, interdependencies, and concentration risks that may not be visible at BU level
Facilitate alignment on risk interpretation, assessment approaches, and treatment strategies across BUs
2. Risk Insight, Trend Analysis & Thematic Identification
Analyse IT risk data, incidents, audit findings, and remediation plans across the group to identify emerging patterns and recurring themes
Develop forward-looking risk insights, including emerging technology risks, regulatory impacts, and operational vulnerabilities
Drive group-wide discussions on common risk drivers and potential coordinated remediation approaches
3. Reporting & Governance Enablement
Support and coordinate group IT risk reporting for:
o Board-Level Committees
o Management Risk Committees
o Regulatory submissions
Translate complex IT and technology risks into clear, decision-useful risk narratives for senior leadership
Ensure consistency, quality, and completeness of IT risk reporting across the group
Secondary Accountability: Risk Enablement, Assurance & Regulatory Alignment
1. Audit Coordination & Assurance Support
Maintain an IT risk audit landscape, tracking audit coverage, themes, and outcomes across BUs
Support BUs in responding to audit findings and ensure visibility of remediation progress at group level
Identify audit-driven themes that indicate systemic weaknesses or control design issues
5. Remediation Facilitation & Issue Oversight
Support and facilitate remediation of IT risk issues across BUs, particularly where issues are common or systemic
Facilitate cross-BU collaboration on remediation strategies and good practices
Track progress of key IT risk actions and escalate where risks remain unresolved or delayed
6. Regulatory & Compliance Monitoring
Monitor and interpret key technology-related regulatory and supervisory requirements, including:
o Cyber resilience and technology risk standards
o IT resilience and operational continuity requirements
o Data protection and privacy-related obligations (in collaboration with the DPO)
Translate regulatory expectations into group-level risk implications and actions
Work with relevant stakeholders to coordinate compliance responses and remediation efforts
Key Relationships & Collaboration
This role is heavily relationship-driven and depends on trust, credibility, and influence rather than authority.
Build strong, constructive relationships with BU IT Risk Managers and Risk Officers
Act as a connector between IT Risk, Information Security, Data Privacy, BCM, and Enterprise Risk
Facilitate risk conversations that encourage openness, learning, and shared ownership
Support a culture of risk awareness, accountability, and proactive management
Competencies
Technical & Risk Competencies
Enterprise and IT risk management frameworks
Technology risk, cyber risk, data risk, and IT resilience
Audit coordination and issue remediation
Regulatory interpretation and compliance alignment
Risk reporting and governance structures
Analytical & Strategic Skills
Ability to synthesise large volumes of risk information into clear group-level insights
Strong thematic and trend analysis capability
Strategic thinking with attention to operational realities
Expected Behavioral Attributes
This role succeeds on how the work is done as much as what is delivered.
Collaborative and facilitative - brings people together rather than imposing solutions
Credible and grounded - trusted by peers and senior leaders alike
Influential communicator - able to translate risk into language that drives action
Structured and disciplined - strong follow-through and consistency
Curious and forward-looking - anticipates emerging risks and connects dots early
Resilient and steady - comfortable navigating ambiguity and complexity
Policy
We are committed to Employment Equity, diversity and inclusion when recruiting internally and externally. All appointments are made in alignment to our Employment Equity goals and we encourage people with disabilities to apply.

Skills Required