IT Risk Manager
Cape Town
Our Client
Company Group Technology is responsible for the provision of a digitally enabled technology service as a group COE, drive business and transformation and provide group-wide digital and data architecture. They operate the various technology platforms and shared services, ensure Cyber and Information Security resilience, and act as technology governance and risk orchestrator for technology across Company.
What will you do?
The role of IT Risk Manager resides in the Governance, Risk and Business Engagement function of the Group Technology department that is responsible for Governance and IT Risk Management within the Company.
The IT Risk Manager will be actively involved in defining, implementing and management of the IT Risk Management Framework and processes for the group. The IT Risk Manager will be involved in reporting on IT related risks in all the clusters to the Limited Audit & Risk committee.
What will make you successful in this role?
Outputs
2nd line Audit assurance and compliance
Implementing & Automating Risk management processes
Accurate and effective reporting of IT Risks
Develop Reporting templates (CURA & TPRM tool)
Timeous escalation of new, high, or escalating risks
Own and manage the Risk Acceptance and review process within the Group Technology department – provide input and quality assurance
QA activities – Review & update risk articulation of risk data on CURA
Implement Third Party Risk Management framework
Perform Third Party Risk Management activities – planning, assessment and reviews
Manage and report progress on remedial activities from risk assessments
Risk Acceptance Process for the Group Technology – lead & execute
Facilitate Awareness campaigns for the third-party risk management tool users
Build strong relationships with Cyber security teams
Assist with enforcing risk-related policy compliance
Convene & co-ordinate risk review meetings with all Group Technology Service lines
Capture and report on outcomes of review meetings
Present at Group Technology Risk Manco Meetings
Attend and present (as required) at the following meetings: Internal & External audit meetings
Group IT Audit & Risk Forum meeting
ISO forums
Third Party Risk Assessment reviews
Qualifications
3yr Diploma or Degree in either Risk or Security or related IT field (min NQF 7)
Accredited Certification in Risk/Security beneficial.
Experience
A minimum of 3-years Risk Management experience (ideally in Information Technology)
A minimum of 3-year experience of IT Audit and Assurance
2-5 years' experience working with Risk Management tools such as BWise, Cura, Barnowl etc.
A minimum of 3 to 5 years Microsoft Office experience (Excel/Word/ PowerPoint/Visio)
A minimum of 3-5 years' experience in risk report writing and presentation
Technical experience in the information security domain would be beneficial.
Knowledge and Skills
Incident Investigations
Document Auditing
Risk management
Reporting and administration
Quality, compliance and accreditation