IT Risk Specialist at FNB South Africa

• To oversee the implementation and monitoring of a risk management framework including policies, standards and security. architecture to ensure sound IT management practices

Are you someone who can do:

• Maintain expert knowledge on relevant legislative amendments, industry best practices and provide advice to relevant stakeholders.
• Maintain up to date knowledge of local and global trends.
• Provide thought leadership and expertise.
• Identify sources of the risk, areas of impact, events and their causes and potential consequences that might create, enhance, prevent, degrade, accelerate, or delay the achievement of IT objectives.
• Determine the level of risk, which is defined as the combination of the consequences and likelihood of the inherent risk.
• Conduct impact analysis to ensure resources are adequately protected with proper control measures within acceptable levels of residual risk.
• Assist IT with creating action plans to mitigate potential risks within the IT environment and comply with governance in terms of legislative, audit and business policy requirements.
• Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
• Contribute to IT Risk reports, and review and assess quality and accuracy of IT reports.
• Monitor and analyse IT Risk performance and generate reports Identify areas needing improvement and develop recommendations Partner with business and IT about monitoring and reviewing risk performance.
• Monitor and analyse IT Risk performance and generate reports.
• Identify areas needing improvement and develop recommendations.
• Partner with business and IT with regard to monitoring and reviewing risk performance.
• Provide advice and support to business about tools and methodologies to mitigate IT risks and issues, and to improve identified control weaknesses.
• Consult with business and technical staff on potential operational impacts of proposed changes to the IT environment.
• Inform stakeholders about IT risk issues and activities affecting the assigned area or project Report to management concerning residual risk.
• Attend relevant BU committees e.g., Monthly BU IT Risk Committee, BU IT Exco, Project Steering committees, New Product Approval, CAB etc.
• Monitor the BU’s development of DR/BCM test plans, testing, and documentation for each application Review selected change requests to ensure they are appropriately incorporated into the larger business plan.
• Assist in the identification of root causes (including identification of control failures) of IT-related incident recommend appropriate mitigation of root cause.
• Maintain an up-to-date understanding of industry best practices. Test adequacy of existing controls and recommend actions for improvement.
• Monitor the Business Unit’s compliance with Group security policies and standards with guidance from their respective ISO and IT Risk Manager Oversee hygiene reporting and action plans to remediate noncompliance Assess and monitor the risk posture against tolerance., as it relates to information and cyber security.
• Provide risk posture on area / system being audited, including known issues and action plans. Assist Business/IT with creating action plans to mitigate the risks from the audit findings.
• Assess the adequacy of action plans defined by business. Determine revised dates for overdue where necessary and ensure formal revision process is followed.
• Undertake periodic reviews of the contracts/arrangements to ensure these comply with the Group Sourcing and Vendor Management policy.
• “Provide IT Risk briefings to advise on critical issues that may affect the business. Conduct knowledge transfer training sessions to both internal and external stakeholders regarding risk programmes.”
• Monitor accuracy of the IT Asset Register and CMDB (Configuration Management Database).
• Monitor the IT process for updating IT Asset Register and CMDB.
• Provide recommendations for the IT Continuity and Risk Frameworks/Guidelines based on findings from analyses of usage and practices in IT.
• Provide advice and support to the BU to ensure that IT Risk is fully functional and in accordance with frameworks and Risk requirements.
• Manage the conceptualisation, planning, and delivery of IT Risk Management projects as assigned.
• Collaborate with IT Operational/Risk teams to ensure delivery of projects.
• Provide status updates to relevant stakeholders.
• Serve in an advisory role in application development and infrastructure projects to assess risks.
• Recommend and ensure implementation of required changes to IT risk and security policies and procedures· Benchmark current IT practices against leading practices and existing frameworks.
• Annually review and report any gaps in IT policies, procedures, standards both current and new Recommend required changes to IT policies, procedures, standards.

Dare to imagine the change with us if you are:

• An adaptable problem solver who does not fear change but thrives from it.
• A disruptor in your field of IT expertise
• An initiative taker who identifies opportunity and improves
• Known for your delivery track record.
• Wanting to be in a career that makes meaningful contribution to your and other people’s lives.

We’ll make a good match if you’re:

• Curious – you’re driven by always wanting to know more and learn more.
• Obsessed with mastery – you know what it takes to become good at what you do and are constantly pushing yourself to do it.
• Courageous – you’re brave enough to think and do things differently and are always ready to put your hand up and take ownership.
• A team player – you believe in the power of teams so you’re always part of one, building and leveraging your networks.
• Emotionally intelligent – you have a high EQ that enables you to truly connect with people, no matter how technical or specialist your role is.

You’ll benefit from our changeable benefits like:

• Inspiring work environment
• Work that is challenging
• Space to make a difference.
• Opportunities to innovate.
• Focus on health and wellbeing (onsite wellness center, gym and crèche at our main campus to innovative employee wellbeing and financial fitness programmes)
• Resources to help you with your professional development.
• Generous leave policy
• Preferential employee banking rates
• When it comes to learning and development, we encourage our changeable to expand their knowledge, on their own, with others, in person or online.
• As for our workspace, it is immersive, collaborative, and energetic because at FNB, innovation is our lifeblood and change in our DNA.

End Date: October 31, 2025