IT and Operational Risk Specialist at Momentum Metropolitan Holdings Limited

Company:

Momentum Metropolitan Holdings Limited

Momentum Metropolitan Holdings Limited

Industry: Banking / Financial Services

Deadline: Not specified

Job Type: Full Time

Qualification: Bachelors

Experience: 3 – 5 years

Location: Gauteng

City: Centurion

Field: ICT / Computer

Role Purpose    

  • The role will be positioned within the risk management function of Momentum Insure. The function’s purpose is to provide subject matter expertise and input on industry best practice risk management frameworks, controls and risk treatment plans, as well as identifying, assessing and monitoring of IT and operational risk exposures across the business.
  • This function also ensures that Momentum Insure’s IT and operational risk assurance needs are identified by applying a risk-based criterion that is used to develop control audits.

Requirements    
Experience and Qualifications

  • A relevant degree in Computer Science, Information Technology, Internal Audit, Risk Management or equivalent at NQF level 7.
  • At least 3-5 years’ experience in an IT, information security risk or an operational risk role (or a combination of these) within the financial services industry.

Duties & Responsibilities    

  • Assist in the implementation of policies and frameworks, and compliance standards for IT and operational risk management, including the consideration of the necessary risk appetite statements and key risk indicators, ensuring that IT and operational risk management techniques and tools incorporate innovative technological solutions.
  • Perform and monitor IT and operational risk assessments, which encompasses identifying, assessing, measuring, prioritizing and reporting of risks that may impact the business.
  • Assist in developing an annual risk-based audit plan (RBAP) for Momentum Insure to provide assurance on key IT and operational risks and business activities.
  • Testing and tracking of management actions to remediate and close IT and operational risk related audit findings & issue log testing.
  • Ensure relevant and timeous reporting on risk assurance reviews and findings.
  • Administration of the Risk and Control Self-Assessment (RCSA), key risk indicator (KRI) monitoring and validation, and providing assistance to the IT and Operational Risk Manager in the execution and monitoring of other operational risk tools.
  • Provide assistance to the IT and Operational Risk Manager with the implementation of technologies and platforms to promote IT and operational risk process efficiencies.
  • Perform root cause analysis and identify thematic IT and operational risk exposure across the business.
  • Analyse IT and operational risk information to perform trend analysis and correlate this with industry experience, where possible.
  • Engage with senior stakeholders to promote timely and accurate information/updates to assurance and risk processes, ensuring that the role remains acutely aware of any key IT and operational process changes to enhance risk oversight. Develop remedial plans with IT and operational risk owners to manage these risks to desired levels on an ongoing basis.
  • Provide input on IT and operational risk quarterly reporting, in terms of risk exposure and associated mitigating plans.
  • Ensure quarterly SANS Top 20 is submitted to Momentum Group IT Security.
  • Ensure that regular (at least quarterly) Logical User Access Management assessments are completed.
  • Provide support to the Business Continuity Officer and IT and Operational Risk Manager during the annual disaster recovery testing process, where deemed appropriate.
  • Provide IT and Operational risk input into the Third-Party risk management process, including reviewing of Third-Party risk assessments and questionnaires.

Competencies    
Skills and behavioural competencies:

  • Written and verbal communication skills
  • Presentation skills
  • Influential and assertive, displaying self-confidence
  • Negotiation skills
  • Relationship management
  • Analytical skills and attentive to detail
  • Planning and organising skills
  • Upholding standards

Knowledge:

  • Requires knowledge of information technology risk issues, techniques and implications across a wide variety of existing information technology platforms.
  • Understanding of IT and operational risk management practices within the financial services industry.
  • Requires knowledge of the relevant regulatory, legislative, governance, risk and compliance landscapes would be beneficial to the role
  • Understanding of Enterprise Risk Management (ERM) and Own Risk and Solvency Assessment (ORSA) practices and philosophies would also be beneficial to the role.

Employee Benefit Consultant at Momentum Metropolitan Holdings Limited

Financial Advisor – Gauteng at Momentum Metropolitan Holdings Limited