IT: Governance, Risk & Compliance Security Analyst - - Pretoria

Recruiting a Governance, Risk & Compliance Security Analyst to work in Information Technology: IT Security and Governance (Long Term Insurance Industry). This is a perm position. The ideal candidate must have a minimum of 5yrs Governance Risk & Compliance, coupled with proven experience in implementing frameworks, Processes, and Policies Duties and responsibilities: Audit and Security Ensure security audits are conducted. Conduct follow up on security assessments. Conduct follow ups on IT audits; Develop and implement Cyber Security Framework/s Develop; Implement & Manage Vulnerability Management Process. Conduct follow up on cybersecurity penetration test & vulnerability assessment as per process. Be the 1st point of contact for both internal/ external auditors Conduct follow ups on IT audits & ensure closure on findings Develop & implement a security awareness program for the organization, agents, 3rd parties & Sales Representatives. Reports on security assessments & IT audits. Governance Evaluate, enhance & continuously improve IT Governance Evaluate policies, procedures, & processes compliance with regulations Develop systems & processes to improve our IT governance. Develop policies, processes & participate in acquiring technology & implementation of said policies, processes to improve IT GRC Report on the regulatory environment & Company compliance threats Guide on how legislation & regulations should be implemented. Risk Management Provide a Statement of Assurance for the IT in the Combines assurance Continuously liaise with the Group Risk Management on new developments (internal) evolution of industry (external) & the risk it introduces, the risk management & mitigation processes & strategies Works with IT, Information Security & Business stakeholders to determine the acceptable level of risk for the organization Assist in performing Third Party Risk Assessments for new & existing vendor tools, on-premise implementations, & third parties with access to the environment. Assist in maturing the Third-Party Risk Management program by defining security controls required of vendors. Articulate identified risks to the business for remediation, mitigation & sign-off. Identify, monitor & report on Key Risk Indicators Compliance and Monitoring Monitor compliance to Cyber Security Framework based on ISO27001/2 & NIST Monitor compliance to IT Governance Framework based on ISO 38500; King IV; COBIT Monitor compliance to Enterprise Risk Management Framework based on ISO 31000 Monitor Compliance to Risk Manage Joint Standard with FSCA & Prudential Authority Monitor Compliance to Cybersecurity & Resilience Joint Standard with FSCA & Prudential Authority Perform assessments of adherence to standards Ensure the IT & Information Security team stays abreast of new regulatory, legal, and/or compliance data security requirements. Monitor compliance with IT Policies Ensure that processes are implemented & followed Software Licensing Consolidating & identifying an organizations license entitlement Working out upgrades, downgrades & technology guarantees Auditing & managing license agreements Dealing with ad-hoc SAM requests Negotiate new software contracts & agreements Re-harvest unused licenses Optimize current entitlement allocation Completing projected license modeling exercises for internal projects & to meet organizational growth Identifying, implementing & managing software processes & policies around: Formal Education Matric Diploma/Degree in an IT-related field Technical/Legal Certification ITIL COBIT Implementer CGEIT CRISC ISO27001 Foundation Certificate Certified Software Asset Manager Experience IT experience: 10 years Insurance industry experience: 5 years (advantage) Governance Risk and Compliance Experience: 5 years Proven experience in implementing Frameworks, Processes & Policies Apply Now

Share this job with someone you think should apply!

Facebook

IT: Governance, Risk & Compliance Security Analyst - Pretoria

Related Jobs

Information Security Specialist Pretoria North - South Africa

INFORMATION SECURITY SPECIALIST (12 MONTHS FIXED-TERM CONTRACT) - Pretoria

Information Security Specialist (12 Month Fixed-Term Contract) - Pretoria

Governance Administrator Pretoria - Pretoria

Chief Operations Officer Pretoria - Pretoria

Want to do another search?