Responsibilities
- Conduct comprehensive business impact assessments (BIAs) to evaluate the potential impact of IT disruptions on business operations.
- Review and update existing disaster recovery plans (DRPs) to ensure their effectiveness and alignment with current business requirements.
- Assess integration projects from a GRC perspective, ensuring compliance with relevant regulations and standards.
- Identify, evaluate, and mitigate IT risks associated with systems, processes, and data.
- Develop and maintain documentation related to IT governance, risk, and compliance initiatives.
- Advise on the implementation and maintenance of IT controls to safeguard sensitive information and mitigate risks.
- Collaborate with IT teams and business stakeholders to ensure compliance with IT GRC best practices.
Requirements
- Bachelor's degree in Computer Science, Information Systems, or a related field.
- At least 6 years of experience in IT GRC roles.
- Strong understanding of IT GRC frameworks such as COBIT, ISO 27001, or NIST Cybersecurity Framework.
- Proven ability to conduct risk assessments and develop effective mitigation strategies.
- Experience in creating and maintaining comprehensive documentation, including BIAs and DRPs.
- Knowledge of IT General Controls (ITGCs) and IT Security Controls.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills.
- Ability to work independently and as part of a team.
- Certification in IT GRC frameworks (e.g., CISM, CRISC, CGEIT).
- Experience in a regulated industry.
- Knowledge of project management methodologies.
- Location: Johannesburg, South Africa
- Duration: 4-month contract
- Set up: Remote