FNB Connect and Service Provider is looking for a dynamic and highly driven IT Risk Manager to join their team. The successful applicant will ensure the effective application of the business risk management framework within technology and information systems. Oversee business continuity, security, and quality by ensuring that IT solutions are secure, resilient, and aligned with the strategic goals of the business. Provide consultative services with a security and risk focus to safeguard IT operations and drive innovation, while enhancing the overall risk culture.

Key Responsibilities:

Risk Culture and Stakeholder Engagement:
- Foster a strong risk-aware culture aligned with the business objectives and FSR Promises.
- Cultivate objective working relationships with various stakeholders, including peers, subject matter experts (SMEs), project managers, and senior leadership.
- Actively participate in Risk Hubs and other risk forums, including RiskX, to provide thought leadership and ensure IT risk integration into broader business strategies.

Risk Identification, Assessment, and Mitigation:
- Proactively identify, analyze, and evaluate risks across IT and business operations.
- Ensure appropriate control measures are implemented to mitigate risks.
- Conduct impact analysis on new projects, system changes, and business developments to assess risks and ensure adequate protection of critical resources.
- Oversee the creation of action plans within IT to address identified risks, ensuring compliance with legislative, audit, and business policy requirements.

IT Risk Advisory and Reporting:
- Provide expert advice on IT risk, compliance, and governance frameworks, ensuring that IT risk policies are well understood and applied consistently.
- Contribute to the creation, review, and continuous improvement of IT risk reports, ensuring the accuracy, relevance, and timeliness of data provided to senior management.
- Collaborate with other risk functions to ensure that IT risk management aligns with enterprise-wide risk management strategies.
- Serve as a trusted advisor to IT and business teams on risk mitigation strategies, especially regarding changes in the IT environment or the launch of new initiatives.
- Work closely with Group IT teams to monitor and evaluate the potential risks associated with proposed changes to the IT infrastructure, ensuring alignment with business continuity and disaster recovery plans.

Monitoring and Continuous Improvement:
- Monitor and analyze IT risk performance across the business, generating reports to provide key insights and identify areas for improvement.
- Conduct regular reviews and audits to ensure that deficiencies in IT controls and processes are promptly remediated.
- Continuously benchmark internal IT risk practices against leading industry standards (e.g., COBIT, ISO 27001) to ensure Connect's risk management practices remain current and competitive.

Governance, Policy, and Compliance:
- Ensure adherence to internal governance structures, participating in relevant business unit committees (e.g., IT Risk Committees, BU IT Exco, Project Steering Committees).
- Recommend and drive the implementation of necessary updates to IT risk and security policies, procedures, and standards.
- Annually review and report any gaps in IT policies and procedures, ensuring all new and existing standards comply with regulatory and business requirements.

Business Continuity and Disaster Recovery (BCP/DR):
- Assess and continually improve business continuity plans (BCP) and disaster recovery (DR) processes within the business.
- Lead the crisis management response for IT-related incidents, ensuring the business has a solid action plan to minimize disruptions and recover critical systems efficiently.

Operational Efficiency and Cost Management:
- Identify and implement process improvements that reduce risk exposure while enhancing operational efficiency.
- Manage team budgets, control expenditure, and find opportunities to optimize costs within the IT risk management function.

Qualifications and Experience:
- Educational Background: A degree in IT, Computer Science, Information Systems, or a related field. A risk management certification (e.g., CRISC, CISSP, CISM) is advantageous.
- Experience: Minimum of 5-7 years' experience in IT risk management, IT governance, or IT audit, with demonstrated expertise in applying risk management frameworks in complex IT environments.
- Technical Knowledge: Strong understanding of IT infrastructure, cybersecurity risks, cloud solutions, and emerging technologies. Knowledge of risk frameworks such as COBIT, NIST, and ISO 27001.

Key Competencies:
- Strong problem-solving and analytical skills, with the ability to assess risks and recommend innovative solutions.
- Excellent communication and stakeholder management skills, with the ability to present complex IT risk issues to senior leadership in a clear, confident and concise manner.
- Ability to balance strategic risk management with operational execution, ensuring that IT risks are addressed without hindering business innovation.

Are you interested in taking the step? We look forward to engaging with you further. Apply now!