Governance, Risk, Compliance, And Assurance (Grca) Lead / Manager

Be among the first applicants.

Data Centrix

Johannesburg

ZAR 80 000 - 120 000

Be among the first applicants.

Yesterday

Job description

Minimum Qualifications & Experience:
Bachelor's degree in Information Security, Business Administration, or a related field (Master's or MBA preferred).
8+ years of experience in cybersecurity governance, risk, or compliance roles, with at least 3 years in a leadership/managerial position.
In-depth knowledge of frameworks (NIST CSF, ISO, COBIT) and regulatory standards (SOX, GDPR, etc.).
Experience with risk assessment methodologies and GRC platforms/tools.
Familiarity with OT regulatory and compliance requirements (e.g., mining, critical infrastructure).
Relevant certifications (e.g., CRISC, CISM, CGEIT) are strongly preferred.

Key Responsibilities:
Develop, implement, and maintain security policies, standards, and procedures.
Identify, assess, and prioritize security risks; propose remediation strategies to management.
Lead internal/external security audits and regulatory compliance efforts (ISO, SOX, GDPR, industry-specific regulations).
Collaborate with cross-functional teams (Legal, HR, Operations, Finance) to ensure enterprise-wide compliance.
Monitor emerging regulatory and industry requirements, adjusting compliance frameworks as necessary.
Conduct regular reviews of risk registers, ensuring continuous improvement in risk management processes.
Provide periodic assurance reports to senior leadership and the board.
Build and conduct a robust supply-chain and third-party risk management capability.