ANALYST : IT GOVERNANCE, RISK & COMPLIANCE (IT GRC)

One of the leading universities in South Africa

What they can offer you :

Flexible Working conditions

• Relocation Assistance
• 100% discount on education for the staff member & 90% for direct family members
• Structured package to benefit your bottom line

Package

The all-inclusive remuneration package is negotiable between R452 862 and R837 514 for the 2.5 year contract term.

Purpose of the Position :

The IT GRC Analyst will play a pivotal role in supporting the senior GRC manager in maturing the IT GRC processes and

practices by assisting with : (i) IT policies, procedures, and processes; (ii) IT Risk Management; (iii) Assurance Reviews; (iv)

various GRC-related projects; (v) Management Reports.

Main Duties and Responsibilities include :

• GRC Projects :

o Assist with the scoping, planning, execution and monitoring of certain GRC-related projects.

• IT Governance :
• o Assist with the definition and implementation of Key Performance Indicators across the ICTS department;
• o Assist with the development of RACI matrices for various IT processes;

o Assist with the development and implementation of IT-related policies and procedures.

• IT Risk Management for Operational & Project risks – periodic support of :

o Identification & assessment of IT risks

o Monitoring the implementation of risk treatment actions.

o Maintenance of the risk and issues registers

• IT Assurance Management :

o Support of internal audits and assessments against adopted standards (e.g. COBIT, ISO27001 etc.) to

assist with compliance management and the improvement of IT / business processes.

o Assist with assurance reviews of IT Projects within the ICTS project office

• IT Processes and Controls :

o Support of the design and implementation of IT Processes and Controls within the ICTS department

aligned with adopted standards and frameworks.

o Assist with conducting reviews and monitoring compliance with approved business processes and control

frameworks within the ICTS department.

• Internal / External Audits : o Co-ordination of activities required to fulfil the requirements of internal and external audits.
• Reporting :

o Assist with the ongoing refinement / improvement of GRC-related dashboard reports.

o Assist with the preparation and dissemination of GRC management reports, ensuring deadlines are met.

Requirements :

• An Information Systems or IT-related qualification at a minimum NQF level 6 (National Diploma or Advanced

Certificate).

• A minimum of 5 years’ relevant IT GRC experience in an enterprise (complex) environment.
• A thorough understanding of :
• An IT Governance framework – e.g. COBIT
• an industry-recognised Risk Management framework
• Good English verbal and written, business communication skills
• Proficient in the use of the Microsoft Office suite.

Additional / Advantageous Requirements :

• One of the following certifications : M_o_R, CRISC, CGEIT or an IRMSA-endorsed Risk Management certification.
• COBIT Certification (IT Governance & Management Framework)
• Project Management skills and experience in the use of an industry-recognised Project Management methodology.
• Good presentation and facilitation skills.
• Strong planning, organising, and coordinating skills.
• Good inter-personal and relationship-building skills.
• Strong negotiation and influencing skills.