Job Description

• The role of IT Risk Manager resides in the Governance, Risk and Business Engagement function of Group Technology (GT) that is responsible for Governance and IT Risk Management within the Group.
• Be actively involved in defining, implementing and management of the IT Risk Management Framework and processes for Group Technology.
• Involved in reporting on IT related risks in all the clusters to the Limited Audit & Risk committee.

Responsibilities

• 2nd line Audit Assurance and Compliance.
• Implementing & Automating Risk Management processes.
• Accurate and effective reporting of IT Risks.
• Develop Reporting templates (CURA & TPRM tool).
• Timeous escalation of new, high, or escalating risks.
• Own and manage the Risk Acceptance and review process within Group Technology - provide input and Quality Assurance.
• QA activities - Review & update risk articulation of risk data on CURA.
• Implement Third Party Risk Management framework.
• Perform Third Party Risk Management activities - planning, assessment and reviews.
• Manage and report progress on remedial activities from risk assessments.
• Risk Acceptance Process for GT- lead & execute.
• Facilitate Awareness campaigns for the third-party risk management tool users.
• Build strong relationships with Cyber Security teams.
• Assist with enforcing risk-related policy compliance.
• Convene & co-ordinate risk review meetings with all GT Service lines.
• Capture and report on outcomes of review meetings.
• Present at GT Risk Manco Meetings.
• Attend and present (as required) at the following meetings:

• Internal & External Audit meetings

• Group IT Audit & Risk Forum meetings

• ISO forums

• Third Party Risk Assessment reviews.

Requirements
Qualifications

• 3 year Diploma or Degree in either Risk or Security or related IT field (min NQF 7).
• Accredited Certification in Risk/Security beneficial.

Experience

• Minimum 3 years Risk Management experience (ideally in Information Technology).
• Minimum 3 years experience of IT Audit and Assurance.
• 2-5 years experience working with Risk Management tools such as BWise, Cura, Barnowl etc.
• Mimimum 3 to 5 years Microsoft Office experience (Excel/Word/ PowerPoint/Visio).
• Minimum 3 to 5 years experience in risk Report writing and presentation.
• Technical experience in the information security domain would be beneficial.

Knowledge/ Skills

• Incident Investigations
• Document Auditing
• Risk management
• Reporting and administration
• Quality, compliance and accreditation.

Search for:
New Jobs
Submit your CV
If you would like to submit your CV for consideration, please fill out this form and we will get in touch with you shortly.