Apply for Job

IT Risk Manager

Vacancy Details

Reference No.



A leading financial services provider is currently seeking an incumbent to assume the role of IT Risk Manager. The successful incumbent will be responsible for developing and monitoring the implementation of Operational Risk Management Frameworks within the organisation and its subsidiaries which comply to regulatory requirements and ensure alignment to international best practices.


  • Provide oversight and assurance on the management of IT risks within relevant business areas (including IT initiatives/ projects).
  • Conduct IT risk and controls reviews across the cluster to evaluate whether related IT Risks are adequately identified, assessed, measured, monitored, controlled and mitigated.
  • Provide assurance by identifying and reporting gaps in the management of IT risks emanating from related business initiatives/ projects.
  • Provide guidance and effective challenge on the IT risks assessments performed on new products, processes, systems and projects.
  • Effectively communicate IT compliance standards to business areas.
  • Regularly benchmark IT risk management practices to industry best practice.
  • Provide ongoing feedback and reports on the cluster’s IT risk profile and management thereof.
  • Effectively implement the IT Risk Management Framework (ITRMF) and Cyber Resilience.
  • Risk Management Framework (CRRMF) across the cluster.
  • Assist the cluster to improve their information security risk profile through identification, assessment, measurement and monitoring of the cluster’s information security risks.
  • Drive compliance to security policies and standards on cluster infrastructure.
  • Represent business as a Business Information Security Officer (BISO) and primary interface between the cluster and CISO office.
  • Complete cyber security risk assessments, ensuring that they are understood, captured in the risk management processes that appropriate controls are embedded in the day-to-day operations, and remediation of non-compliance is documented and addressed.
  • Actively execute the cyber security programme elements and other information and cyber security plans developed by the business.
  • Assist the cluster with identification of critical assets from a confidentiality point of view (“crown jewels”) and feeding that back into the business impact analysis and risk management processes.


  • Chartered Accountant, Advanced Diplomas/National 1st Degrees or MBA.
  • 5 - 8 years’ experience in Risk, Governance and Auditing and/or 8 - 10 years’ experience in banking and/or insurance.
  • Microsoft Office Proficiency.
  • Principles of financial management.
  • Principles of project management.
  • Relevant regulatory knowledge.
  • Relevant software and systems knowledge.

Kindly note, if you have not heard from us within two weeks of your application please consider it unsuccessful.

Position Type


Work Level



Market Related


Banking/Finance And Investment

Salary Type



Cost To Company

Affirmative Action


Geographic Location

Gauteng - JHB North