IT Governance, Risk and Compliance Specialist

2 weeks ago

Johannesburg, Gauteng, South Africa National Risk Managers Full time
A Medical Insurance Company based in Benoni, Gauteng is looking for a IT Governance, Risk and Compliance Specialist who will assist in the development and implementation of IT Governance frameworks and IT controls following appropriate methodology approved by management that is aligned with international and financial industry standards (e. g, GOI standards (PA), Joint Standards (PA & FSCA), COBIT, ITIL, ISO, NIST, PRINCE II, CMM, etc.).
Advise the company on best business practices and to develop and implement appropriate solutions.
Work closely with cross functional teams to identify, assess, and mitigate risks while ensuring alignment with industry standards and regulatory requirements.

Key Performance Areas
  • IT Governance Frameworks
  • IT Risk Management Audit
  • IT Compliance
  • Incident and Response Management
  • Documentation and Reporting
  • Security Architecture and Implementation
  • Ad hoc

Key Tasks
IT Governance Frameworks
  • Assist in the implementation of IT Governance, Risk and Compliance solutions in line with the Affinity Life Limited approved policies and frameworks
  • Assist in the development and implementation IT Governance, Risk Management and Compliance policies, processes, procedures, and IT controls training materials to keep IT colleagues informed of relevant industry, legislative and regulatory requirements, and changes
  • Development and implementation of IT Governance Frameworks, IT Controls, recommendations from various assessments and action plans following an appropriate methodology by managements approval that is aligned with international and financial industry standards (e. g. GOI Standards (PA), Joint Standards (PA & FSCA) COBIT, ITIL, ISO, NIST, PRINCE II, CMM, etc)
  • Support the development of policies, processes, and procedures for the IT Division
  • Develop, implement, and monitor reporting mechanisms for IT Governance, Risk Management, and Audit, to support compliance and highlight areas of exposure to management
  • Assist in the maintenance of IT alignment activities, including report submissions, across various governance committees and structures
  • Include control document reviews, meeting coordination, assessment, finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting, and escalation
  • Assess the current adequacy of the business continuity / disaster recovery plans in conjunction with Risk Management, potential threats to the systems, and then calculate the impact of potential adverse events
  • Participate in the development, adoption, and compliance of IT governance framework across all areas of business
  • Perform design and process analysis for IT business processes that impact IT Governance
  • Facilitate adoption and continuous improvement of planning practices and processes within IT and the business as a whole
IT Risk Management Audit
  • Act as a risk and compliance champion for the IT Division
  • Maintain and monitor the IT risk framework is aligned to the Affinity Life Limited approved enterprise risk management framework
  • Maintain the IT Risk Register in collaboration with enterprise risk management and drive implementation of mitigation controls of risks through Managers and business within defined periods
  • Integrate Cyber risk into IT Risk Management practices, processes, procedures, and activities
  • Co-ordinate periodical internal risk assessments in various IT functions and tracking of application access reviews, active directory review, security, network and vulnerability assessments and IT Audits
  • Facilitate disaster recovery and business continuity initiatives with relevant stakeholders
  • Review identified security risks and breaches to ensure the IT assets and information are always appropriately secured
  • Visibility, management, and escalation of IT risks impacting the delivery of IT services
  • Work closely with the internal clients and third parties to facilitate IT risk analysis and risk management processes and to identify acceptable levels of residual risk
  • Conduct IT risk assessments, and analyse the effectiveness of control activities, and report on them with actionable recommendations
  • Identify and monitor IT risks continuously
  • Keep IT management up to date on the results

IT Compliance
  • Monitor and review compliance with regulatory requirements and practices to ensure IT-related activities are meeting prescribed standards
  • Management of compliance requirements to improve the company's compliance maturity with legal and regulatory requirements such as GOI and Joint Standards, Insurance Act, PAIA,POPIA, ETC act, Cyber bill, FICA, RICA etc.)
  • Maintain and facilitate data protection activities to ensure full compliance with POPIA and associated regulations on personal identifiable information and business-related sensitive information
  • Act as compliance champion for the IT Division
  • Coordinate and support internal and external compliance audits

Incident Response and Management
  • Develop and maintain an incident response plan.
  • Lead and coordinate responses to cyber security incidents to ensure a timely and effective resolution
  • Conduct post-incident reviews to identify lessons learned and areas for improvement
  • Assist in the preparation of stakeholder communications in response to cyber security incidents
  • Assist in the development of incident response training for employees

Documentation and Reporting
  • Maintain accurate and up to date documentation related to IT GRC activities
  • Generate regular reports on the organisation's security and compliance posture for management and stakeholders


Security Architecture and Implementation
  • Work with IT and Development teams to integrate security measures into the overall IT and Development architecture
  • Implement and manage security technologies to safeguard the organisation's assets
  • Collaborate with system owners to ensure secure configuration and operation of IT systems

Ad hoc
  • Perform ad-hoc duties as assigned to ensure the smooth functioning of the IT GRC function and maintain a good reputation with Auditors, Compliance and Risk Departments


Essential Qualifications
  • Matric
  • National Diploma in IT /Bachelor or Relevant equivalent to NQF Level 6
  • IT Governance certification or ITIL & COBIT mandatory

Desirable Qualifications
  • CRISC, CISSP, CISM, CISA or CGEIT certification

Essential Experience
  • Experience in IT Governance Risk and Compliance related experience
  • Experience with GRC methodologies, tools, and enablers
  • Hands-on experience with implementation and monitoring of one or more IT Governance frameworks (COBIT, ITIL, ISO, PRINCE II, etc.)

Legal or Statutory Requirements
  • Clear Criminal Record

Knowledge and Skills
  • Solid understanding of IT Governance, Risk Management and Compliance Frameworks
  • Understanding of security risks and the required preventative controls
  • Excellent understanding of IT operational processes and controls including projects
  • Knowledge of the IT frameworks and best practices
  • Excellent understanding of Regulatory requirements relatively to the IT environment (PCI DSS, POPIA, GDPR)
  • The ability to be persuasive and be able to communicate GRC related concepts to staff
  • Sound knowledge, understanding and application of the relevant legislation
  • Ability to map business needs to technology solutions
  • Implementation of the ICT strategy in the insurance
  • Must have excellent corporate governance principles
  • Thorough understanding of technical elements


Attributes
  • Resilience
  • Innovative
  • Deadline driven
  • Self-starter
  • Customer service orientated
  • Ability to handle confidential matters
  • Professionalism
  • Negotiation
  • Conflict Resolution
  • Fairness
  • Conscientious
  • Meticulous
  • Honest, Hardworking and Humble

  • IT Governance, Risk and Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa National Risk Managers (Pty) Ltd Full time

    A Medical Insurance Company based in Benoni, Gauteng is looking for a IT Governance, Risk and Compliance Specialist who will assist in the development and implementation of IT Governance frameworks and IT controls following appropriate methodology approved by management that is aligned with international and financial industry standards (e. g, GOI standards...

  • Chief Specialist: IT Governance, Risk and Compliance

    2 weeks ago

    Johannesburg, Gauteng, South Africa IT Ridge Technologies Full time

    This role will have broad accountability for ICT governance, risk and compliance related functions including ICT policies, standards, risk, and controls management. This role is a key contributor to IT Strategy, which includes developing frameworks aligned to the appropriate industry standards, creating the required forums, and establishing appropriate...

  • Governance, Risk and Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa FROGG Recruitment Full time

    Governance, Risk and Compliance Specialist SandtonOur well-established client is looking for a Governance, Risk and Compliance ("GRC") Specialist with 5+ years of experience with relevant Risk and Compliance experience.Salary: Market-Related CTCMinimum Requirements: Matric with Bachelor of Commerce (B Com) Degree (Finance / Accounting / Legal Certificate in...

  • IT Governance, Risk and Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa Scitech Placements Full time

    We are looking for a IT Governance, Risk and Compliance Specialist, East RandOverview:As an IT Governance, Risk and Compliance Specialist, you will be responsible for assisting in the development and implementation of IT Governance frameworks and IT controls. This will involve working closely with cross-functional teams to identify, assess, and mitigate...

  • IT Governance Risk and Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa Affirmative Portfolios Full time

    Information TechnologyJHB North***: IT Governance Risk and Compliance Specialist (GRC)R771 300p/a - Sandton - PermanentJob Summary The specialist will identify, classify, and document control issues environment by documenting assessment results, recommending corrective action, tracking remediation, evaluating policy and control standard exceptions, and...

  • IT Governance Risk and Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa The Recruitment Agency South Africa (TRASA) Full time

    IT Governance, Risk and Compliance Specialist1. Job SummaryAssist in the development and implementation of IT Governance frameworks and IT controls following appropriatemethodology approved by management that is aligned with international and financial industry standards (e. g, GOIstandards (PA), Joint Standards (PA & FSCA), COBIT, ITIL, ISO, NIST, PRINCE...

  • IT Governance Risk and Compliance

    2 weeks ago

    Johannesburg, Gauteng, South Africa Six Sense Full time

    Gauteng, JHB - Northern Suburbs Annually Cost To Company (Market related)A well-established short term insurer is seeking to appoint a IT Governance Risk and Compliance (GRC) SpecialistQualifications: National Diploma in IT /Bachelor or Relevant equivalent to NQF Level IT Governance certification or ITIL & COBIT mandatory; CRISC, CISSP, CISA or CGEIT...

  • Chief Governance Risk and Compliance Officer

    2 weeks ago

    Johannesburg, Gauteng, South Africa LENOHLAHLA CONSULTING Full time

    KEY PERFORMANCE AREASStrategy & Leadership - Lead conceptualisation, design and implementation of the overall Governance, Risk & Compliance strategy aligned to the business needs, Companys vision and business strategy. Provide the Governance, Risk & Compliance input into the long-term Companys strategy. Set clear targets for the Governance, Risk & Compliance...

  • Risk & Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa Antal International Network Full time

    You are open to considering joining a vibrant and innovative company holding both non-life and life insurance licenses, as their new Risk and Compliance Specialist Our client is committed to ensuring regulatory adherence and effective risk management across the group. As a Risk and Compliance Specialist, you'll work closely with the Head of Risk and...

  • Risk Governance

    2 weeks ago

    Johannesburg, Gauteng, South Africa TransUnion Full time

    TransUnion's Job Applicant Privacy NoticeWhat We'll Bring:Supporting the administration and operation of key UK risk governance activities (e.g. UK ORC), producing risk reporting and administering UK policy governance processes.What You'll Bring:Key tasks and accountabilities:Reporting to the Director of UK Risk and Compliance, and fulfilling the following...

  • Information Governance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa eSoft Development and Technologies Full time

    Objective of this Scope of WorkThe scope of work defines the roles and responsibilities of the required Information Governance Specialist.Scope of Services Definition The Information Governance Specialist will work under the guidance of the Information Governance Manager in EIM in Business Solutions and Technology Department (BSTD). Information...

  • Risk and Compliance Officer

    2 weeks ago

    Johannesburg, Gauteng, South Africa Ultra Personnel Full time

    Degree in LawCertified Anti Money Laundering Specialist (CAMS) will be an added advantageMinimum of 2-5 years compliance-related experience is essentialInsurance and financial services industry experience is preferredPrimarily you will be responsible for the development and monitoring implementation of business risk and compliance framework as well as...

  • Data Governance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa eSoft Development and Technologies Full time

    Data governance specialists have a wide range of responsibilities, which can include:Reviewing data sources to identify any gaps in coverage that require additional data collection efforts Developing and implementing data security policies to protect sensitive data from unauthorized access or use Establishing data standards for a company's database...

  • Head: IT Security Governance Risk and Compliance

    2 weeks ago

    Johannesburg, Gauteng, South Africa Energy at Work Projects Full time

    Head of IT Security and GRC is responsible for overseeing the organisation's information security program and ensuring compliance with governance, risk management, and regulatory requirements. This senior leadership role will develop and implement a comprehensive security strategy, manage a team of IT security and GRC professionals, and work closely with...

  • Specialist, Governance

    2 weeks ago

    Johannesburg, Gauteng, South Africa Standard Bank Of South Africa Limited Full time

    To provide specialist board support and secretarial services to allocated portfolios of subsidiary companies' boards, and board and management committees to ensure compliance of the organisation in relation to financial and legal practices, as well as issues of corporate governance. Provide specialist advice and guidance to directors and management,...

  • Reporting and Governance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa FirstRand Full time

    Job DescriptionTo facilitate effective operational and risk reporting to management and governance committees by effectively managing operational aspects within the business, compensating controls that are created, implemented and maintained to minimize risks as well as ensure there is alignment amongst information management artefacts, ie: Data SLAs,...

  • Risk and Compliance Analyst

    2 weeks ago

    Johannesburg, Gauteng, South Africa Hollard Recruitment Full time

    Job Advert Summary:Hello there....., an exciting new opportunity has just become available at our Hollard Group Risk within our Risk and Compliance area. We are looking to recruit a Risk and Compliance AnalystHollard Group Risk (HGR) is a specialist group risk underwriter and focuses on the provision of group covers in South Africa.The Risk and Compliance...

  • Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa FirstRand Full time

    Job DescriptionHello Future Compliance SpecialistWelcome to FNB, the home of the #changeables. We design for the shapeshifters and deliver products and services that make us incredibly proud of people that make it happen.As part of our team in FNB Life Governance Legal and Compliance team, you will be surrounded by unique talents, diverse minds, and an...

  • Compliance Specialist

    2 weeks ago

    Johannesburg, Gauteng, South Africa FirstRand Full time

    Job DescriptionTo monitor processes and related controls in accordance with compliance methodology and minimum standards and provide support to experienced Regulatory Risk and Compliance professionals that require robust regulatory compliance advice and guidanceHello Future Compliance SpecialistWelcome to FNB, the home of the #changeables. We design for the...

  • Risk and Compliance Officer

    2 weeks ago

    Johannesburg, Gauteng, South Africa Unique Personnel Full time

    Job Number 68927Job Type PermanentJob Title Risk and Compliance OfficerComputer Skills Ms OfficeIndustry Insurance BrokeringCity JohannesburgProvince Gauteng Establishing, implementing, and maintaining a regulatory compliance management framework and function within the business in accordance with the overall risk management framework and group and licence...