Job Description

:

Technology Risk & Compliance Analyst (BPO/Finance)

Our client is a leading and innovative company at the forefront of transformation, data science, and change management solutions. With a clear vision to empower businesses, they have garnered a stellar reputation for making organizations more efficient, effective, and customer-centric, while driving substantial revenue growth. Their commitment to excellence has made them a trusted partner for a diverse array of businesses seeking to thrive in today's fast-paced and ever-changing market landscape.

Job Type: Full-time | On-site

Requirements

• Industry certifications for example CRISC, CISA or CISSP.

• Knowledge or experience working with security standards and frameworks, such as the ISO31000 Risk Management Framework.

• Knowledge or training for the ISO27001 standard and NIST security frameworks.

• Demonstrate experience and knowledge across the following areas:

• Security risk management, security compliance, and basic knowledge of audits.

• Communicating technical and IT risks into tangible business risks and impacts.

• Working in a global organisation (preferably within the manufacturing and/or security risk and compliance division) with stakeholders of varying seniority

• 1 - 2 years Exp within GDPR

• No Degree with Exp IT domain - covering: Tech risk Model, Penetration reports, Production System,

• Domain xe2x80x93 IT Risk Mode

• Ability to design and execute key internal controls in a Technical Risk & Compliance environment

• Good understanding of technology risk management fundamentals, processes and frameworks

• Ability to communicate with stakeholders of varying seniority to explain technology risks in simple business language, with a clear scope of impact, risk ownership and accountability.

• Strong analytical skills, with a proactive work approach for identifying and remediating risks for the business and a proven ability to drive results.

• General knowledge of various Cybersecurity domains such as: data protection, identity & access management, with an ability to identify risks across these areas.

Responsibilities:

• Demonstrate commitment to the core values through upholding standards of business conduct, complying with Group policies & procedures, and leading by example.

• Establish a working environment which promotes the importance of employees acting with integrity and in an ethical manner in line with the Group Code of Conduct.

• Ensure the execution of key internal controls within Technology Risk & Compliance

• Define, document and operationalise the processes and procedures to drive the consistency in the monitoring of compliance (e.g. compliance checking, tracking, monitoring and monitoring schedules, communications, and reporting) of managed service providers and Tier 1 vendors with security requirements and Service Level Agreements (SLAs)

• Define and document the Cyber/Technology risk management process leveraging the existing ERM framework, including the cyber/ technology risk assessment methodology (e.g. risk acceptance/assessment process, security risk profile, roles/responsibilities; reporting requirements, etc.)

• Define a model of risk likelihood and impact, as well as risk rating criteria, categorisation, risk tolerance & acceptance levels and escalation processes

• Identify and assess potential information technology risks in processes and applications, and register risks and associated solutions in a formalised risk register.

• Monitor mitigating actions and proposed solutions to ensure risks are reduced to an acceptable business level.

• Validate security/technology & risk requirements with relevant stakeholders before the launch of a software, tool or platform.

• Provide governance to ensure adequate risk management of compliance and regulatory risks.

• Design and maintain compliance framework containing internal security policies, global standards and regulatory requirements.

• Register risks and associated solutions in a formalised risk register and define KPIs, metrics and a risk appetite to enable standardised risk reporting amongst teams

If you are interested, please send your application via our website or Job Link! We look forward to hearing from you!

xe2x80x94

Black Pen Recruitment is a global recruitment agency that targets European, African and American Markets with headquarters based in Malta (Europe) and Cape Town (South Africa).

Black Pen Recruitment