GRC Specialist
Closing Date: 31st October
Location: Somerset West
Your Story
You're someone who thrives at the intersection of strategy, security, and innovation. You care deeply about building trust: across teams, with customers, and within systems. You're passionate about governance, risk, and compliance, and you're excited by the opportunity to shape how a fast-growing tech company approaches AI, automation, and resilience. You want your work to matter: to protect people, data, and the future of technology.
If that sounds like you, we'd love to meet you.
Your Responsibilities:
As our GRC Specialist, you'll be a key driver of our security-first culture. You'll lead initiatives that ensure our governance, risk, and compliance frameworks are robust, forward-thinking, and aligned with global standards. You'll work cross-functionally to embed security into every layer of our business, from product development to vendor management.
Governance & Strategy
- Develop and evolve security governance frameworks, policies, and standards.
- Define and communicate our risk appetite across the organisation.
- Lead internal audits and support external compliance reviews.
Risk Management
- Conduct risk assessments and gap analyses, and design mitigation strategies.
- Maintain dashboards and reports on IT risk posture and control effectiveness.
- Support business continuity and disaster recovery planning.
Compliance & Regulatory Alignment
- Ensure compliance with GDPR, HIPAA, POPIA, CCPA, and other global regulations.
- Maintain cyber insurance coverage through policy adherence.
- Prepare for and support ISO, SOC2, and NIST audits.
Data Privacy & Protection
- Act as our Data Protection Officer (DPO).
- Implement data classification, access controls, encryption, and retention policies.
- Lead incident response for data breaches and liaise with regulators.
AI & Emerging Technologies Governance
- Develop governance frameworks for AI and emerging technologies.
- Assess ethical, societal, and regulatory risks of AI deployment.
- Champion responsible and inclusive AI use across the business.
Security Controls & Monitoring
- Implement and monitor security controls across systems and applications.
- Oversee vulnerability management, penetration testing, and bug bounty programmes.
- Collaborate with engineering teams on secure coding and AppSec practices.
Third-Party Risk Management
- Conduct vendor security due diligence and contractual risk assessments.
- Partner with procurement to reduce third-party risks.
Security Awareness & Culture
- Design and deliver engaging training programmes, including phishing simulations.
- Foster a security-first mindset across all teams.
- Promote adoption of ISO 27001 and other relevant standards.
Reporting & Continuous Improvement
- Provide monthly GRC effectiveness reports to senior leadership.
- Define and track KPIs aligned with business goals.
- Lead continuous improvement initiatives based on audit findings and threat intelligence.
Your Story:
- 5+ years in GRC, risk management, or information security.
- Strong knowledge of ISO 27001, SOC2, NIST, CoBIT, ITIL, and PCI frameworks.
- Experience with data privacy regulations and AI governance.
- Excellent communication and stakeholder engagement skills.
- Proven ability to lead cross-functional teams and manage budgets.
- CISM or equivalent certification (or working towards it).
AI & Automation Integration
- Use AI tools for risk analysis, compliance monitoring, and threat detection.
- Promote automation in vulnerability scanning, reporting, and policy enforcement.
- Ensure ethical and secure use of AI across business functions.
- Exposure to AI-driven security monitoring and automated compliance reporting will be part of your development journey.
Celebrate Your Benefits with Us
Enjoy 20 days paid Holiday
2 CARE Days - Give Back and Get Your Birthday Off as a Thank You
Private Medical - Caring for You Inside and Out
Collaborative and Supportive Work Environment
Recognition for Your Contributions
Opportunities for Professional/Personal Growth
Career Advancement in Our Dynamic and Innovative Company
Find out more about our Private Equity Investors and why working for a PE company is game changing.
Bregal Milestone - Inspired by ambition. Driven by growth
As CyberSentriq embarks on its journey as a new company, we are excited to announce our MSP-first approach, AI-driven capabilities, and the integration of TitanHQ and Redstor. Our strategic goals are aligned with our vision to become a high-growth, innovative cybersecurity platform targeting $100M ARR by 2028.
CyberSentriq is committed to providing cutting-edge cybersecurity solutions that empower Managed Service Providers (MSPs) to deliver exceptional services to their clients. With our AI-driven capabilities, we aim to enhance threat detection, response, and prevention, ensuring the highest level of security for businesses of all sizes.
The integration of TitanHQ and Redstor into our platform further strengthens our offerings, providing comprehensive protection against cyber threats and data loss. This collaboration enables us to deliver a unified solution that addresses the evolving needs of the cybersecurity landscape.
Join us in our mission to revolutionise the cybersecurity industry and achieve our ambitious growth targets. As a Product Owner at CyberSentriq, you will play a pivotal role in driving our success and shaping the future of cybersecurity.
- Please note that we do not accept speculative CVs from recruitment agencies. All submissions must be in response to specific job vacancies listed by our company. Any unsolicited CVs will be considered the property of CyberSentriq, and no fees will be payable in relation to them.