Job Description

Job Summary To support delivery of the IT Risk and Cyber Security programs. The analyst plays two critical roles in support of these programs; to enable IT team-embedded security analysis and business enablement, and to drive risk management. This role looks to streamline risk and security processes in support of quality and speedy delivery in a complex and busy IT environment. The role requires some technical understanding and a passion for proactive risk and security management.Minimum requirements

• Grade 12 and relevant degree/diploma (3 years)
• Up to 8 years relevant experience in IT, IT risk, IT assurance and/or cyber security
• Relevant qualifications and certifications such as CISM, CISA, CRISC or CISSP
• Knowledge of IT and cyber security landscape, including systemic understanding of key business linkages and dependencies
• Aware of and responsive to internal and external events and influences on the technical landscape
• Ability to research technology-related concepts, trends, and best practices, and apply findings
• Appropriately derives and organises the essence of information to draw solid conclusions
• Looks beyond symptoms to uncover root causes of problems to be solved
• Synthesises data from different sources to identify trends
• Presents problem analysis and a recommended solution rather than just identifying and describing the problem itself
• Proactively approaches others to obtain missing information
• Demonstrates a results-oriented mindset in planning and implementing activities/projects
• Clearly defines objectives and translates them into workable activities
• Monitors and tracks progress to ensure delivery of all planned commitments, and keeps the appropriate people informed
• Prepares written reports and briefs and communicates ideas clearly
• Speaks fluently in team meetings when presenting information
• Manages existing partnerships within established agreements or contracts; negotiates adjustments when mutually beneficial to do so
• Genuinely cultivates personal bonds with colleagues to enhance performance throughout the organisation
• Adjusts to work effectively within new work structures, processes, requirements, or cultures
• Demonstrates resourcefulness in acquiring necessary knowledge, skills, and competencies to adapt to change
• A relentless pursuit of risk reduction
• Autonomy and a proactive approach to work
• Experience with IT GRC tools
• The ability to say yes, but and guide teams towards solutions that apply the right level of risk, governance, and security

Responsible for embedding IT and cyber risk management into IT teams:
o Integrate into the IT teams and establish yourself as a trusted advisor and assurance provider, not a policeman. And work as part of the extended IT Risk management function to:
o Promote a risk conscious mindset through stakeholder engagement and awareness
o Proactively identify, track, and manage IT and cyber risks
o Coordinate internal and external audits
o Help monitor compliance to policies and standards
o Report on the status of risks, remediation, and progress to IT management
o Engage in projects and help deliver risk-related activities such as third-party risk assessments
o Leverage the IT GRC tool to manage and report on risk items
o Be the go-to person in the team to help the team help themselves manage riskResponsible for cyber security analysis and coordination within IT teams:
o Be the first point of call for helping coordinate cyber security activities as part of projects and change within the IT team
o Leverage group security frameworks, policies, standards, and architecture to support the IT team in delivering change under the guiding principles of shift left and security by default
o Support the IT teams operational change requirements where relevant with guidance and advice
o Coordinate all these activities with the broader security team
o Identify and define security requirements for the IT team, for the broader security team to executeGijima HoldingsRecruiter

Job Mail