ENVIRONMENT:
YOUR relentless pursuit of risk reduction and expertise as an IT Risk and Security Analyst is sought by a reputable Retail Group to support its delivery of the IT Risk & Cyber Security programs. Your will serve in two critical roles in support of these programs; to enable IT team-embedded security analysis and business enablement, and to drive risk management. This role looks to streamline risk and security processes in support of quality and speedy delivery in a complex and busy IT environment. The role requires Grade 12, a suitable 3-year Degree/Diploma, up to 8 years’ IT/IT Risk/Assurance or Cyber Security experience including have worked with IT GRC tools, some technical understanding and a passion for proactive Risk and Security Management.
DUTIES:
Responsible for embedding IT and Cyber Risk Management into IT teams –
- Integrate into the IT teams and establish yourself as a trusted advisor and assurance provider, not a policeman.
- Promote a risk conscious mindset through stakeholder engagement and awareness
- Proactively identify, track, and manage IT and cyber risks.
- Coordinate internal and external audits.
- Help monitor compliance to policies and standards.
- Report on the status of risks, remediation, and progress to IT management.
- Engage in projects and help deliver risk-related activities such as third-party risk assessments.
- Leverage the IT GRC tool to manage and report on risk items.
- Be the go-to person in the team to help the team help themselves manage risk.
Responsible for Cyber Security analysis and coordination within IT teams –
- Be the first point of call for helping coordinate Cyber Security activities as part of projects and change within the IT team.
- Leverage group security frameworks, policies, standards, and architecture to support the IT team in delivering change under the guiding principles of ‘shift left’ and ‘security by default’.
- Support the IT team’s operational change requirements where relevant with guidance and advice.
- Coordinate all these activities with the broader security team.
- Identify and define security requirements for the IT team, for the broader security team to execute.
REQUIREMENTS:
Mandatory –
- Grade 12 and relevant Degree/Diploma (3 years).
- Up to 8 years relevant experience in IT, IT Risk, IT Assurance and/or Cyber Security.
- A relentless pursuit of risk reduction.
- Autonomy and a proactive approach to work.
- Experience with IT GRC tools.
- The ability to say ‘yes, but’ and guide teams towards solutions that apply the right level of risk, governance, and security.
Advantageous –
- Relevant qualifications and certifications such as CISM, CISA, CRISC or CISSP.
- Knowledge of IT and Cyber Security landscape, including systemic understanding of key business linkages and dependencies.
ATTRIBUTES:
- The zest for assisting outside of working hours when required.
- Is aware of and responsive to internal and external events and influences on the technical landscape.
- Ability to research technology-related concepts, trends, and best practices, and apply findings.
- Appropriately derives and organises the essence of information to draw solid conclusions.
- Looks beyond symptoms to uncover root causes of problems to be solved.
- Synthesises data from different sources to identify trends.
- Presents problem analysis and a recommended solution rather than just identifying and describing the problem itself.
- Proactively approaches others to obtain missing information.
- Demonstrates a results-oriented mindset in planning and implementing activities/projects.
- Clearly defines objectives and translates them into workable activities.
- Monitors and tracks progress to ensure delivery of all planned commitments, and keeps the appropriate people informed.
- Prepares written reports and briefs and communicates ideas clearly.
- Speaks fluently in team meetings when presenting information.
- Manages existing partnerships within established agreements or contracts; negotiates adjustments when mutually beneficial to do so.
- Genuinely cultivates personal bonds with colleagues to enhance performance throughout the organisation.
- Adjusts to work effectively within new work structures, processes, requirements, or cultures.
- Demonstrates resourcefulness in acquiring necessary knowledge, skills, and competencies to adapt to change.
While we would really like to respond to every application, should you not be contacted for this position within 10 working days please consider your application unsuccessful.
COMMENTS:
When applying for jobs, ensure that you have the minimum job requirements. OnlySA Citizens will be considered for this role. If you are not in the mentioned location of any of the jobs, please note your relocation plans in all applications for jobs and correspondence. Apply here [URL Removed] OR e-mail a Word copy of your CV to [Email Address Removed] and mention the reference number of the job.
Desired Skills:
- IT
- Risk
- and