IT Governance, Risk and Compliance (GRC) Specialist / Analyst

Details of the offer

The IT GRC Analyst is a multifaceted role that encompasses responsibilities across IT governance, risk management, compliance, cybersecurity, and business and systems requirements and analysis. This position ensures the organisation's IT infrastructure is secure, compliant, and aligned with business objectives, while also supporting system improvements, process optimisation, and technology integration within the Numata Managed Services business model and associated IT GRC framework.
The analyst will lead the design and enforcement of security and compliance policies, manage business and system requirements, and provide strategic insights for enhancing overall IT and business operations.
IT GRC specialist / analyst Key Responsibilities:
IT Governance, Risk, and Compliance (GRC) Responsibilities:

Policy Development and Compliance: Design and enforce IT governance frameworks and standards such as CIS, ISO 27001, NIST, and COBIT, amongst others.
Ensure compliance with regulatory, privacy and other requirements such as POPIA, GDPR, HIPAA, and PCI-DSS, as and where applicable.
Conduct internal audits and prepare for external compliance assessments, ensuring that all controls and processes meet regulatory obligations.

Risk Management and Reporting:

Identify, assess, and mitigate IT and cybersecurity risks, maintaining an up-to-date risk register.
Generate risk management reports, perform gap analyses, and recommend risk treatment plans.
Collaborate with internal and client stakeholders to align risk management practices with business objectives.

Cybersecurity Analysis Responsibilities:

Risk and control assessments and recommendations for improvement (risk mitigation, control strength and maturity roadmaps) for: Threat and Vulnerability Management; Cybersecurity risk and controls such as firewalls, intrusion detection, and endpoint protection.
Incident Response and Continuous Monitoring: Develop and maintain incident response plans, ensuring timely detection, investigation, and resolution of security incidents. Conduct post-incident reviews and root cause analyses to strengthen future incident response capabilities.

Business and Systems Analysis Responsibilities:

Requirements Gathering and Documentation: Work with business stakeholders to understand and document business requirements, translating them into technical solutions and system specifications. Perform gap analyses between current systems and desired outcomes, recommending enhancements to meet business needs.
System Implementation and Optimisation: Collaborate with IT and development teams to ensure that systems are aligned with both security requirements and business objectives. Monitor the performance and effectiveness of business systems, recommending optimisations and enhancements based on data-driven insights.

Collaboration and Engagement:

Cross-Functional Coordination: Act as the liaison between IT, business units, compliance, and development teams, ensuring alignment in project goals and objectives. Support vendor risk management efforts by evaluating third-party compliance and security practices.
Project and Change Management participation: Lead IT and business system projects from inception through delivery, including risk management, timeline tracking, and stakeholder communication.

Qualification, Certification & Skills

Advantage: Bachelor's degree in Information Technology, Computer Science, Business Administration, or related field. Certifications (an advantage): CISM, CISSP, CISA, CRISC, CBAP, or similar.
Technical Skills: Strong knowledge of GRC frameworks (CIS, ISO, NIST, COBIT), security tools (SIEM, IDS/IPS), and business process modelling techniques (BPMN, UML).
Analytical Skills: Proficient in conducting risk assessments, vulnerability analysis, and translating business needs into technical requirements.
Communication: Excellent ability to articulate complex technical information to non-technical stakeholders, alongside clear and precise documentation skills.
Project Management: Proven experience in managing cross-functional projects involving IT governance, cybersecurity, and business process improvements.

Key Competencies:

Strong ethical judgment, integrity, and commitment to best practices in compliance and risk management.
Analytical mindset with a focus on problem-solving and continuous improvement.
Effective communication and interpersonal skills, including conflict management, working across multiple teams and with diverse stakeholders.
Quality management.

Experience:

3+ years of combined experience in IT GRC, cybersecurity, and business systems analysis.

Nominal Salary: To be agreed

Built at: 2024-11-14T08:28:50.625Z