Risk Manager: It

Job Family- Risk, Audit and Compliance
- Career Stream- Operational Risk

**Job Purpose**
- To facilitate the implementation of the Enterprise-Wide IT Risk Management Framework and Operational Risk Management Framework in Nedbank to comply to regulatory requirements and ensure alignment to international best practice.

**Responsibilities**:

- IT Risk / Cyber Risk- Assist and support in the implementation of the various risk frameworks within Group Finance i.e., Enterprise-Wide management Risk Framework, Operational Risk Management Framework, IT Risk Management Framework, and Cyber Risk Management Framework.
- Ensure risk framework methodologies, policies and processes are effectively implemented across the business.
- IT Projects and robotics process automation (RPA) risk management including management and support of the project risk assessments process.
- Perform IT risk and control assurance reviews to ensure IT risks are identified and monitored.
- Involvement in cloud materiality assessments, documentation, monitoring and support.
- IT/Cyber risk data management, analysis and trend reporting to enable risk insights.
- Identify emerging IT risks through evaluating internal and external risk environment on a continuous basis.
- Coordinates cluster feedback for the Reporting of Material IT Incidents to the SARB.
- Working in relation and conformity with internal and external auditors including issue assurance on IT risk findings.
- Stay abreast of developments in field of expertise, identify emerging risks and ensuring personal and professional growth and deliver on stakeholder expectations.
- Share IT risk knowledge, resources and practices with team to enable upskilling.
- Business Risk Management- Provide end-to-end risk management services to allocated business portfolios within the cluster.
- Facilitate effective risk identification, assessment, evaluation and reporting within the cluster and across the Group.
- Assist in the identification, monitoring and reporting on KRIs.
- Plan, co-ordinate and execute cluster risk management plans, activities and projects.
- Review and report on the effectiveness of internal risk management practices, processes and controls.
- Monitor and analyse operational risk losses and control breakdowns.
- Identify risk management training requirements and facilitate fulfilment thereof.
- Assist with the management, investigation and analysis of risk incidents, audit findings or events (including root cause analysis, recommending corrective measures and development of future risk management strategies).
- Provide guidance on, and participate in, various assurance and oversight activities as required by the organisation’s co-ordinated assurance approach and governance structures.
- Identify and recommend opportunities to enhance processes; systems and policies to ensure effectiveness and support implementation of new processes; policies and systems.
- Attend and report to various management, project, risk, audit, IT forums and steering committees.
- Develop and maintain partnerships with stakeholders and other assurance providers to facilitate accomplishments of risk objectives.
- Become a trusted advisor to, and influence decision making of stakeholders by providing an advisory service, guidance and support on risk management practices.
- Essential Qualifications - NQF Level- Advanced Diplomas/National 1st Degrees
- Professional Qualifications/Honour’s Degree
- Preferred Certifications- CISA—Certified Information Systems Auditor
- CRISC—Certified in Risk and Information Systems Control
- Minimum Experience Level- 5 - 8 years’ experience in Risk, Governance, Auditing, IT and Cyber Risk and/or 8 - 10 years’ experience in banking and/or insurance.

**Behavioural Competencies**
- Building Partnerships
- Communication
- Decision Making
- Stress Tolerance
- Technical/Professional Knowledge and Skills
- Adaptability

**Professional/Technical Competencies**
- Banking procedures
- Business terms and definitions
- Communication Strategies
- Data analysis
- Principles of financial management
- Principles of project management
- Relevant software and systems knowledge
- Technologies
- Cluster Specific Operational Knowledge
- Operational risk
- Type of Exposure- Conducting root cause analysis
- Developing ways to manage risks
- Drafting reports
- Sharing information in different ways to increase internal stakeholders understanding
- Writing business proposals
- Communicating complex written information Interacting with regulatory and industry bodies
- Identifying trends
- Preparing and delivering presentation
- Analyzing business operations
- Managing multiple projects
- **_Please contact the Nedbank Recruiting Team at +27 860 555 566_