Job Description

Job Purpose
The IT Risk Specialist will be responsible for identifying, analysing, and mitigating potential risks that could impact Hollard's information technology systems. This role involves developing and implementing risk management protocols and procedures, conducting regular IT risk assessments and assurance reviews, and ensuring compliance with relevant laws, regulatory standards, and company policies. The IT Risk Manager will work closely with IT and business teams to ensure that IT risks are managed effectively and will provide expert advice on IT risk management matters and best practice.
Key Responsibilities
Strategy and Planning:

• Support the Senior Manager: IT Risk Governance in developing and maintaining a formal IT risk management framework.
• Assist in the design of IT risk and control libraries, self-assessment questionnaires/templates, and Key Risk Indicator (KRI) metrics.

Operational/Technical:

• Utilise leading practice frameworks (e.g. CIS, ISO 27002, NIST, etc.) to identify and assess IT risks across the various Hollard business units.
• Collaborate with IT and business teams to develop risk mitigation strategies, address identified risks, implement corrective actions, and ensure continuous improvement of risk management practices.
• Prepare and present detailed risk reports to senior management and stakeholders, providing insights and recommendations for risk mitigation.
• Support training and awareness sessions on IT risk management for employees, and Hollard partners.
• Coordinate with internal and external auditors, and regulatory bodies during audits and onsite visits.
• Stay abreast of industry trends and advancements in IT, threats/vulnerabilities, Artificial Intelligence (AI), risk management, as well as new regulatory pronouncements.
• Demonstrate effective time management, by tracking allocated tasks and pro-actively communicating any anticipated challenges and delays.

Human Resources:

• Complete the necessary training as agreed in IDP (Individual Development Programme).
• Take responsibility for own career and performance management.
• Contribute to departmental social activities.

Expected strategic/operational involvement: 30%/70%