IT Risk Manager

Role:

The role of IT Risk Manager resides in the Governance, Risk and Business Engagement function of our client that is responsible for Governance and IT Risk Management.

The IT Risk Manager will be actively involved in defining, implementing and management of the IT Risk Management Framework and processes for our client. The IT Risk Manager will be involved in reporting on IT related risks in all the clusters to the Limited Audit & Risk committee.

What will make you successful in this role?

Outputs

2nd line Audit assurance and compliance

Implementing & Automating Risk management processes

Accurate and effective reporting of IT Risks

Develop Reporting templates (CURA & TPRM tool)

Timeous escalation of new, high, or escalating risks

Own and manage the Risk Acceptance and review process provide input and quality assurance

QA activities Review & update risk articulation of risk data on CURA

Implement Third Party Risk Management framework

Perform Third Party Risk Management activities planning, assessment and reviews

Manage and report progress on remedial activities from risk assessments

Risk Acceptance Process for our client lead & execute

Facilitate Awareness campaigns for the third-party risk management tool users

Build strong relationships with Cyber security teams

Assist with enforcing risk-related policy compliance

Convene & co-ordinate risk review meetings with all our clients Service lines

Capture and report on outcomes of review meetings

Present at our client Risk Manco Meetings

Attend and present (as required) at the following meetings:

Internal & External audit meetings

Group IT Audit & Risk Forum meeting

ISO forums

Third Party Risk Assessment reviews

Qualifications:

3yr Diploma or Degree in either Risk or Security or related IT field (min NQF 7)

Accredited Certification in Risk/Security beneficial

Experience:

A minimum of 3-years Risk Management experience (ideally in Information Technology)

A minimum of 3-year experience of IT Audit and Assurance

2-5 years experience working with Risk Management tools such as BWise, Cura, Barnowl etc.

A minimum of 3 to 5 years Microsoft Office experience (Excel/Word/ PowerPoint/Visio)

A minimum of 3-5 years experience in risk report writing and presentation

Technical experience in the information security domain would be beneficial.

Knowledge and Skills:

Incident Investigations

Document Auditing

Risk management

Reporting and administration

Quality, compliance and accreditation

Personal Attributes:

Interpersonal savvy - Contributing through others

Decision quality - Contributing through others

Plans and aligns - Contributing through others

Optimises work processes - Contributing through othersCore Competencies:

Cultivates innovation - Contributing through others

Customer focus - Contributing through others

Drives results - Contributing through others

Collaborates - Contributing through others

Being resilient - Contributing through others