IT Risk Manager

Santam Group has a career opportunity for an IT Risk Manager in the Santam Technology Services (STS) department based at Santam Head Office in Bellville, Western Cape.

The primary responsibility of the IT Risk Manager:

• Define and implement the Framework for the Management of IT Risk in alignment with the System of Governance for IT across the Santam Group.
• Assist in designing and implementing policies, standards, and procedures to protect sensitive data and ensure operational continuity.
• Identify, monitor, and respond to incidents, advising management on mitigation strategies.
• Prepare the Santam Group IT Governance, Risk and Information Security Report for the Risk Committee and Board.
• Report on IT-related risks, including the top 10, to the SGT Audit and Risk Forum.
• Follow up on outstanding IT Audit findings (internal and external) within STS to ensure resolution.
• Conduct regular training and awareness sessions (in person, virtual, or via training materials) on IT risk management roles and responsibilities.

• Bachelor’s Degree in a related field, e.g., B.Com (Information Systems), or equivalent work experience.
• 3 to 5 years of IT Audit / IT Risk Management experience.
• CISA / CRISC / CGEIT or similar certification is advantageous.

• Influence and Communication
• Collaboration and Teamwork
• Adaptability and Continuous Learning
• Learning Agility
• Cultural Influence and Education
• Regulatory and Compliance Knowledge
• Conflict Resolution and Negotiation

Technical Proficiency:

• Risk Assessment: Conducting thorough IT risk assessments, identifying weaknesses, and evaluating risks.
• Technical Compliance: Understanding standards like Cobit, ISO 27000 series, ITIL, King IV, and applicable regulations.
• Report Writing: Excellent report writing skills.
• Presentations: Ability to create PowerPoint presentations to communicate key messages.

Risk Management:

• Assessing and prioritizing risks, developing mitigation strategies.

Communication and Collaboration:

• Engaging stakeholders across levels, including executives, technical teams, and non-technical staff.
• Collaborating with IT, legal, compliance, and business units to embed security practices.

Problem Solving and Decision Making:

• Analyzing complex issues, assessing impacts, and making informed decisions.
• Evaluating incidents and risks to develop effective solutions.

Santam is South Africa’s leading short-term insurer, transacting all classes of short-term insurance through its subsidiaries. A large, diversified, and transforming company, our success is rooted in our passion for our clients. We are committed to delivering Insurance Good and Proper.

Please note, appointments will be made in line with Divisional Employment Equity targets. People with disabilities are encouraged to apply.