Technology Risk & Compliance Analyst needed urgently: APPLY NOW

Job Type: Permanent

Full job description

Technology Risk & Compliance Analyst

Support the Technology Risk & Compliance Manager to ensure security risks are appropriately managed through timely identification and assessment of risks.

Scope of the Role

Financial:

Geography:

N/A

Global (for security risk & compliance)

Size (Direct Reports):

Size (Indirect Reports):

N/A

Key Performance Indicators:

Complexity

· Number of technology risk assessments completed annually

· Number of technology risks tracked and included in the risk register

· Percentage of technology risks captured in the risk register that have all the attributes captured

· Number of unidentified technology risks per month

· Number of touch-points with technology and business stakeholders to discuss management of ongoing security risks

· Low to moderate complexity work requiring the person to track mitigation of security risks and liaise with a number of stakeholders internally within security and wider business functions (legal risk & compliance)

Key Business Contacts (Internal)

Key Business Contacts (External)

· Wider CISO and CIO teams

· Wider Group CISO GRC team

· Group Legal team including DPO

· Group Risk

· Regulators

Decision-Making Authority:

N/A

Professional Requirements

Education/Training/Computer skills:

· Essential to have industry certifications for example CRISC, CISA or CISSP

· Essential to have knowledge or experience working with security standards and frameworks, such as the ISO31000 Risk Management Framework

· Desirable to have knowledge or training for the ISO27001 and NIST security frameworkS

Experience:

As a Technology Risk and Compliance Analyst, you will be expected to demonstrate experience and knowledge across the following areas –

· Security risk management, security compliance, and basic knowledge of audits.

· Communicating technical and IT risks into tangible business risks and impacts.

· Working in a global organization (preferably within the manufacturing and/or security risk and compliance division) with stakeholders of varying seniority

· 1 – 2 years Exp within GDPR

· No Degree with Exp IT domain- covering: Tech risk Model, Penetration reports, Production System, Domain – IT Risk Mode

Competencies:

· Ability to design and execute key internal controls in a Technical Risk & Compliance environment

· Good understanding of technology risk management fundamentals, processes and frameworks

· Ability to communicate with stakeholders of varying seniority to explain technology risks in simple business language, with a clear scope of impact, risk ownership and accountability.

· Strong analytical skills, with a proactive work approach for identifying and remediating risks for the business and a proven ability to drive results.

· General knowledge of various Cybersecurity domains such as: data protection, identity & access management, with an ability to identify risks across these areas.

Job Type: Permanent

Salary: R48,000.00 – R50,000.00 per month

Apply Now

-Indeed