It Risk Manager

Our Client

This business area is responsible for providing a digitally enabled technology service as a group COE, driving business transformation, and offering group-wide digital and data architecture. They operate various technology platforms and shared services, ensure cyber and information security resilience, and act as the technology governance and risk orchestrator for the Company.

What will you do?

The role of IT Risk Manager is part of the Governance, Risk, and Business Engagement function within Company Group Technology. This team is responsible for governance and IT risk management across the Company. The IT Risk Manager will define, implement, and manage the IT Risk Management Framework and processes, and will be involved in:

• Reporting on IT-related risks across all clusters to the Limited Audit & Risk Committee.

What will make you successful in this role?

Outputs

• Provide 2nd line audit assurance and ensure compliance
• Implement and automate risk management processes
• Accurately and effectively report IT risks
• Develop reporting templates (CURA & TPRM tools)
• Escalate new, high, or escalating risks in a timely manner
• Own and manage the Risk Acceptance and review process within Company Group Technology, providing input and quality assurance
• Conduct QA activities—review and update risk data articulation on CURA
• Implement the Third Party Risk Management framework
• Perform third-party risk management activities—planning, assessment, and reviews
• Manage and report progress on remedial actions from risk assessments
• Lead and execute the Risk Acceptance Process for the Company
• Facilitate awareness campaigns for third-party risk management tool users
• Build strong relationships with cybersecurity teams
• Assist in enforcing risk-related policy compliance
• Coordinate risk review meetings with all Company service lines and report outcomes
• Present at Company Risk Manco Meetings
• Attend and present at internal and external audit meetings, ISO forums, and third-party risk assessment reviews

Qualifications

• 3-year Diploma or Degree in Risk, Security, or related IT field (minimum NQF 7)
• Accredited certification in Risk/Security is beneficial

Experience

• At least 3 years of risk management experience, ideally in IT
• At least 3 years of IT audit and assurance experience
• 2-5 years of experience with risk management tools such as BWise, Cura, Barnowl, etc.
• 3-5 years of Microsoft Office experience (Excel, Word, PowerPoint, Visio)
• 3-5 years of experience in risk report writing and presentation
• Technical experience in information security is advantageous

Knowledge and Skills

• Incident investigations
• Document auditing
• Risk management
• Reporting and administration
• Quality, compliance, and accreditation

If you do not hear from us within two weeks, please consider your application unsuccessful.