We are looking to hire an IT Risk and Security Analyst to support the delivery of the IT Risk and Cyber Security programs. The Analyst will play two critical roles in support of these programs; to enable IT team-embedded security analysis and business enablement, and to drive risk management. This role looks to streamline risk and security processes in support of quality and speedy delivery in a complex and busy IT environment. The role requires some technical understanding and a passion for proactive risk and security management.
What you’ll do:
- Integrate into the IT teams and establish yourself as a trusted advisor and assurance provider, not a policeman. And work as part of the extended IT Risk management function to:
- Promote a risk-conscious mindset through stakeholder engagement and awareness
- Proactively identify, track, and manage IT and cyber risks
- Coordinate internal and external audits
- Help monitor compliance to policies and standards
- Report on the status of risks, remediation, and progress to IT management
- Engage in projects and help deliver risk-related activities such as third-party risk assessments
- Leverage the IT GRC tool to manage and report on risk items
- Be the go-to person in the team to help the team help themselves manage risk
Responsible for cyber security analysis and coordination within IT teams
- Be the first point of call for helping coordinate cyber security activities as part of projects and change within the IT team
- Leverage group security frameworks, policies, standards, and architecture to support the IT team in delivering change under the guiding principles of ‘shift left’ and ‘security by default’
- Support the IT team’s operational change requirements where relevant with guidance and advice
- Coordinate all these activities with the broader security team
- Identify and define security requirements for the IT team, for the broader security team to execute
Your expertise:
- Up to 8 years relevant experience in IT, IT Risk, IT assurance, and/or cyber security
Qualifications:
- Grade 12
- Relevant degree/diploma (3 years)
We are looking for someone who has
- A relentless pursuit of risk reduction
- Autonomy and a proactive approach to work
- Experience with IT GRC tools
- The ability to say ‘yes, but’ and guide teams towards solutions that apply the right level of risk, governance, and security
Other information applicable to the opportunity:
- Permanent Position
- Location: Cape Town – Hybrid work model
Desired Skills:
- Adaptability
- Authenticity
- Partnership
- Ingenuity
- Mastery