Technology Risk Manager

Technology Risk Manager

Job Title: Technology Risk Manager
Location: Gauteng
Salary: 1000000.00
Reference: JN -032017-7896
Job Published: May 15, 2017 14:31

Job Description

Following the acquisition of a small but agile and innovative South African technology business, intends to bring the stability, strength and scale of a globally recognized and established bank together with the agility, simplicity and passion of a startup. As a values-led organization, we live by accountability, collaboration, integrity, service and excellence and our vibrant leaders are approachable, energized and open to create an inspiring place where people thrive and talent excels.
A dedication to meeting the needs of retail and SME banking customers in the South African market provides the focus needed to be successful.
In addition to a strategy that will take the group to a significant place in the South African economy the team are also developing technologies, propositions and solutions that can be leveraged throughout the emerging markets business. The South African business comprises an IT development capability in addition to the company focused on building new and exciting banking propositions.
The strategy is centered on financial inclusion through digital banking and financial literacy and is focused on innovative, digital offerings to retail and SME business customers across China, India, Vietnam, Indonesia and South Africa. International Financial Services is an exciting and vibrant part of the Group

This role reports to the CIO with a matrix line to the Head of Technology Risk International. The position will be actively involved in remediation activities for a large cyber security program and secure delivery of banking over the coming 12 months. The role will also be directly responsible for enabling the implementation of security controls commensurate with the risk appetite of the business. This role also engages directly with country risk teams, regional Cyber security and technology risk, country Heads of Technology, and other key business stakeholders. The Manager: Cyber Security & Risk is a key position tasked with embedding mandatory security and risk controls into the South Africa businesses. Managing all aspects of cyber security and technology risk, this regional role will leverage the regional team located in Hong Kong, and the Group teams to enable the business strategy, and be country lead and subject matter expert for the delivery of security controls for the South Africa business.
Whilst working with the regional team, this role is responsible for the successful coordination and outcomes of security control delivery, technology risk management, and cyber security threat management for all operations in South Africa. The role will need to help deliver and uplift the new digital bank, establish operational processes, plan and coordinate all security activities, understand technical and people challenges across South Africa, and lead the cyber security capability. This is a key role for the Digital Protection Group (DPG) International team, and success will be the delivery of secure banking services in the country.

Key Responsibilities

 Support the management of security & technology risks within the Bank
 Work with the Risk/Compliance Team in the execution of the IT Risk/Compliance Program by obtaining and analyzing data and information required for decisions in planning, scoping, and risk-assessing the review and/or conducting assigned testing.
 Perform compliance control operation of IT security controls including security incidents and performing user access controls
 Perform compliance activities including access recertification and process documentation and monitoring of SOX applications access logs
 Monitor IT open audit issues and coordinate remediation
 Maintain the IT Risk and Security Calendar
 Participate in the development of compliance audit procedures, supporting tools and reports to evaluate risks and controls
 Perform selected IT Risk Assessments on IT projects and controls
 Determine information security risk profiles for various vendor and business partner
 Proactively escalate any areas of concern and ensure remedial steps are identified and implemented
 Perform deep dive and thematic reviews as required including supplier and third party reviews.
 Perform root cause analysis and lessons learnt on risk events.
 Proactively identify potential fraud risks, cyber and information security risks and highlight to management.
 Experienced in proactively identifying technology risk, evaluating design and operating effectiveness of system controls 

People Capabilities
Our people capabilities are reflective of our culture and, regardless of level, are capabilities we expect to see demonstrated by all employees.

Customer Focus:
 Creating value in each customer interaction and focusing on the total customer experience,

Effective Communication:
 Communicating clearly and with impact to ensure understanding, engagement and commitment to action.

Team and Culture:
 Inspires others to demonstrate the Group’s values and works together to create a passionate, high performing culture.

Drive Results:
 Initiating action and committing to achieving business outcomes by taking accountability for goals.

 Understanding and using knowledge, industry information and financial drivers in decisions and actions.

Continuous Improvement:
 Continuously improving and innovating what we do to make things simple and easy for our customer and each other.

Your experience is ideally supported by the following:
 Strong technical knowledge of systems, networks, and security controls
 Outstanding communication skills both written and oral
 Outstanding influencing skills and organisation skills
 Ability to drive and manage own workload and operate within defined deadlines
 Seasoned understanding of Technology risk management principles and knowledge of Operational Risk and Compliance frameworks
 Inquisitive approach/ attention to detail
 Strong analytical and problem solving skills to develop acceptable solutions for the business
 Tertiary qualification in a relevant discipline will be preferred
• CISSP and/or CISA qualification desired

 7+ years’ experience in IT Risk role
 Significant technical knowledge of platform and network infrastructure, cyber security, and technology risk
 Experience in large transformational change
 Demonstrated experience in working in large Banking & Finance projects
 Experience in core banking, mobile and digital banking transformation
 Practical experience in managing stakeholders to effect change, including strong influencing skills
 Experience with deploying security controls
 Detailed understanding of SARB regulatory requirements in South Africa
 Experience in implementing and managing operational risk management frameworks in a banking, telecommunications or insurance environment
 Experience in technology risk governance and strong understanding of regulations relating to technology risk, and information security
 Ability to identify technology and other operational risks, influence the business to apply good risk practices
 Be able to multi task and be a self-starter.
 Ability to work with a broad range of stakeholders
 Previous experience in and technology risk advisory capacity. Personal competencies
 Able to work within a fluid environment, reacting to events and juggling multiple work streams and priorities;
 Able to work as part of a team while proactively and independently delivering;
 Able to work to deadlines;
 Personal accountability;
 Can deal with ambiguity/change;
 Can function under pressure and maintain a positive attitude;
 You have a can do attitude and a strong work ethic to prove it;
 Have good problem solving skills (analysis of options and impact assessment)
 Good initiative, high energy level, self-starter and self-management ability (requires moderate supervision levels only)
 Must be a team player and work for the good of the team
 Able to interact with end users and up to middle management level of a business
 Inter personal communications skills and presentation skills
 Lateral thinking (willing to change and accept new ideas / concepts)
 Analytical thinking & decision making ability in a complex environment
 Good problem solving skills (analysis of options and impact assessment)
 Flexibility and adaptability (Flexibility and innovation in approach)
 Motivating and influencing others (ability to lobby new concepts to relevant parties)
 People networking and good, rapid relationship building
 Customer-centric viewpoint
 High quality of output
 Consultative approach to resolution of issues and problems
 Able to coach and guide more junior developers
 Will be required to work outside normal working hours from time to time which may include weekends
 Will be required to be on standby from time to time. How often will depend on the schedule setup
 May be required to travel (both local and international) from time to time
 Must be able to work in a high stress environment and maintain a positive attitude
 Have your own reliable transport
 Have your own cellphone
 Have a valid driver’s license
 Have a clear criminal and credit record

Get similar jobs like these by email

By submitting your details you agree to our T&C's