It Risk Specialist

Hello Future IT Risk Specialist Welcome to FNB, the home of the #changeables. We design for the shapeshifters and deliver products and services that make us incredibly proud of people that make it happen. As part of our talented team, you will be surrounded by unique talents, diverse minds, and an adaptable environment that lives up to the promise of staying curious. Now's the time to imagine your potential in a team where experts come together and ignite effective change. Responsibilities To provide specialist advice, guidance and support to the business and technology community to ensure appropriate development and implementation of an IT risk management programme in accordance with governance and IT risk requirements. To oversee the implementation and monitoring of a risk management framework including policies, standards and security. architecture to ensure sound IT management practices Maintain expert knowledge on relevant legislative amendments, industry best practices and provide advice to relevant stakeholders. Maintain up to date knowledge of local and global trends. Provide thought leadership and expertise. Identify sources of the risk, areas of impact, events and their causes and potential consequences that might create, enhance, prevent, degrade, accelerate, or delay the achievement of IT objectives. Determine the level of risk, which is defined as the combination of the consequences and likelihood of the inherent risk. Conduct impact analysis to ensure resources are adequately protected with proper control measures within acceptable levels of residual risk. Assist IT with creating action plans to mitigate potential risks within the IT environment and comply with governance in terms of legislative, audit and business policy requirements. Follow up on deficiencies identified in monitoring reviews, self‑assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken. Contribute to IT Risk reports, and review and assess quality and accuracy of IT reports. Monitor and analyse IT Risk performance and generate reports Identify areas needing improvement and develop recommendations Partner with business and IT about monitoring and reviewing risk performance. Provide advice and support to business about tools and methodologies to mitigate IT risks and issues, and to improve identified control weaknesses. Consult with business and technical staff on potential operational impacts of proposed changes to the IT environment. Inform stakeholders about IT risk issues and activities affecting the assigned area or project Report to management concerning residual risk. Attend relevant BU committees e.g., Monthly BU IT Risk Committee, BU IT Exco, Project Steering committees, New Product Approval, CAB etc. Monitor the BU's development of DR / BCM test plans, testing, and documentation for each application Review selected change requests to ensure they are appropriately incorporated into the larger business plan. Assist in the identification of root causes (including identification of control failures) of IT‑related incident recommend appropriate mitigation of root cause. Maintain an up‑to‑date understanding of industry best practices. Test adequacy of existing controls and recommend actions for improvement. Monitor the Business Unit's compliance with Group security policies and standards with guidance from their respective ISO and IT Risk Manager Oversee hygiene reporting and action plans to remediate noncompliance Assess and monitor the risk posture against tolerance. Provide risk posture on area / system being audited, including known issues and action plans. Assist Business / IT with creating action plans to mitigate the risks from the audit findings. Assess the adequacy of action plans defined by business. Determine revised dates for overdue where necessary and ensure formal revision process is followed. Undertake periodic reviews of the contracts / arrangements to ensure these comply with the Group Sourcing and Vendor Management policy. Provide IT Risk briefings to advise on critical issues that may affect the business. Conduct knowledge transfer training sessions to both internal and external stakeholders regarding risk programmes. Monitor accuracy of the IT Asset Register and CMDB (Configuration Management Database). Monitor the IT process for updating IT Asset Register and CMDB. Provide recommendations for the IT Continuity and Risk Frameworks / Guidelines based on findings from analyses of usage and practices in IT. Provide advice and support to the BU to ensure that IT Risk is fully functional and in accordance with frameworks and Risk requirements. Manage the conceptualisation, planning, and delivery of IT Risk Management projects as assigned. Collaborate with IT Operational / Risk teams to ensure delivery of projects. Provide status updates to relevant stakeholders. Serve in an advisory role in application development and infrastructure projects to assess risks. Recommend and ensure implementation of required changes to IT risk and security policies and procedures Benchmark current IT practices against leading practices and existing frameworks. Annually review and report any gaps in IT policies, procedures, standards both current and new Recommend required changes to IT policies, procedures, standards. What you bring An adaptable problem solver who does not fear change but thrives from it. A disruptor in your field of IT expertise An initiative taker who identifies opportunity and improves Known for your delivery track record. Wanting to be in a career that makes meaningful contribution to your and other people's lives. We’ll make a good match if you’re: Curious - you're driven by always wanting to know more and learn more. Obsessed with mastery - you know what it takes to become good at what you do and are constantly pushing yourself to do it. Courageous - you're brave enough to think and do things differently and are always ready to put your hand up and take ownership. A team player - you believe in the power of teams so you're always part of one, building and leveraging your networks. Emotionally intelligent - you have a high EQ that enables you to truly connect with people, no matter how technical or specialist your role is. Benefits Inspiring work environment Work that is challenging Space to make a difference. Opportunities to innovate. Focus on health and wellbeing (onsite wellness center, gym and crèche at our main campus to innovative employee wellbeing and financial fitness programmes) Resources to help you with your professional development. Generous leave policy Preferential employee banking rates When it comes to learning and development, we encourage our changeable to expand their knowledge, on their own, with others, in person or online. As for our workspace, it is immersive, collaborative, and energetic because at FNB, innovation is our lifeblood and change in our DNA. Application Deadline Take note that applications will not be accepted on the below date and onwards, kindly submit applications ahead of the closing date indicated below. 31 / 10 / 25 Employment Equity All appointments will be made in line with FirstRand Group's Employment Equity plan. EEO Statement The Bank supports the recruitment and advancement of individuals with disabilities. In order for us to fulfill this purpose, candidates can disclose their. #J-18808-Ljbffr