Technology Risk & Compliance Analyst needed urgently: APPLY NOW
Job Type: Permanent
Full job description
Technology Risk & Compliance Analyst
Support the Technology Risk & Compliance Manager to ensure security risks are appropriately managed through timely identification and assessment of risks.
Scope of the Role
Financial:
Geography:
N/A
Global (for security risk & compliance)
Size (Direct Reports):
Size (Indirect Reports):
N/A
Key Performance Indicators:
Complexity
· Number of technology risk assessments completed annually
· Number of technology risks tracked and included in the risk register
· Percentage of technology risks captured in the risk register that have all the attributes captured
· Number of unidentified technology risks per month
· Number of touch-points with technology and business stakeholders to discuss management of ongoing security risks
· Low to moderate complexity work requiring the person to track mitigation of security risks and liaise with a number of stakeholders internally within security and wider business functions (legal risk & compliance)
Key Business Contacts (Internal)
Key Business Contacts (External)
· Wider CISO and CIO teams
· Wider Group CISO GRC team
· Group Legal team including DPO
· Group Risk
· Regulators
Decision-Making Authority:
N/A
Professional Requirements
Education/Training/Computer skills:
· Essential to have industry certifications for example CRISC, CISA or CISSP
· Essential to have knowledge or experience working with security standards and frameworks, such as the ISO31000 Risk Management Framework
· Desirable to have knowledge or training for the ISO27001 and NIST security frameworkS
Experience:
As a Technology Risk and Compliance Analyst, you will be expected to demonstrate experience and knowledge across the following areas –
· Security risk management, security compliance, and basic knowledge of audits.
· Communicating technical and IT risks into tangible business risks and impacts.
· Working in a global organization (preferably within the manufacturing and/or security risk and compliance division) with stakeholders of varying seniority
· 1 – 2 years Exp within GDPR
· No Degree with Exp IT domain- covering: Tech risk Model, Penetration reports, Production System, Domain – IT Risk Mode
Competencies:
· Ability to design and execute key internal controls in a Technical Risk & Compliance environment
· Good understanding of technology risk management fundamentals, processes and frameworks
· Ability to communicate with stakeholders of varying seniority to explain technology risks in simple business language, with a clear scope of impact, risk ownership and accountability.
· Strong analytical skills, with a proactive work approach for identifying and remediating risks for the business and a proven ability to drive results.
· General knowledge of various Cybersecurity domains such as: data protection, identity & access management, with an ability to identify risks across these areas.
Job Type: Permanent
Salary: R48,000.00 – R50,000.00 per month
Apply Now
-Indeed