(982) Senior Information and Technology Risk Analyst - BSTD

Brief description

To develop, embed and maintain Information & Technology (I&T) risk management processes, framework and policies to enable the South African Reserve Bank (SARB) and SARB group (where applicable) to respond to risk exposures and leverage on opportunities.

Detailed description

The successful candidate will be responsible for the following key performance areas:

• To embed SARB Group risk management frameworks, methodologies, processes and systems as well as embed related policies.
• To develop, maintain and embed Information & Technology (I&T) SARB risk management frameworks and ensure alignment to the SARB Group risk management frameworks.
• To develop risk management quality criteria and perform quality reviews on risk management outcomes.
• To identify, collate, analyse and report on emerging I&T risks to the SARB and SARB group.
• To facilitate strategic Information & technology (I&T) risk management processes in the SARB and SARB group in accordance with the SARB Group Risk Management Framework.
• To facilitate I&T application and general IT risk assessments to enable business to proactively manage risks relating to technology.
• To assess, analyse and embed IT general risk and control for IT for business processes.
• To coordinate integration of IT general risk and control for ‘IT for IT’ as well as ‘IT for business’ frameworks.
• To identify and coordinate risk management training needs as well as conduct related training.
• To compile and co-ordinate reporting on I&T related risk management outcomes and activities to the SARB Group’s, executives and risk oversight committees.
• To develop the Bank-wide I&T risk overarching plan, co-ordinate and embed operational risk and continuous risk management across the SARB (KRIs, Risk Incidents, Emerging risks).
• To develop risk awareness campaigns to educate stakeholders, influence behaviour and promote a positive as well as proactive risk management culture across the SARB and SARB Group.
• To analyse risk data and information on the various risks registers to identify trends, interconnectedness/polycrisis, commonalities and create qualitative risk reporting and derive reliable business intelligence/insights for management to enable decision making.
• To engage with stakeholders to provide information and support on risk management matters.
• To research and benchmark leading risk management processes and developments propose improvement accordingly.
• To analyse and understand the Bank’s environment (internal and external) in order to support and guide the identification of risks and opportunities to enable decision making.
• To provide input to other specialised risk management processes i.e. policies, methodologies, frameworks (Financial risk management, Cyber and information security, Privacy, Physical security, strategic and operational resilience etc.).
• To manage the implementation of the BSTD strategic and operational risk treatment action plans, and report on their progress and impact on risks.
• To oversee the integration between RMCD and other specialised risk areas.

Job requirements

To be considered for this position, candidates must be in possession of:

• A minimum of an Honours Degree (Information and Technology (IT) or any other relevant NQF 8 degree) OR equivalent;
• A minimum of 8-10 years of experience in the relevant environment (Audit, IT and Risk).
• Certified in Risk and information’s Systems Control (CRISC), Certified Information Systems Auditor (CISA) CIA, CRM, FRMP, and/or relevant I&T.
• Risk Industry Certification is essential.

The following would be an added advantage:

• ITIL certification, COBIT 2019 Certification and Certified in the Governance of Enterprise IT (CGEIT) will be an added advantage.

Additional requirements include:

• Good understanding of ISO 31000, ISO 27001 and NIST Framework
• Industry, organisational and business awareness knowledge
• Quality assurance knowledge
• Continued learning and/or professional development 
• I&T Risk management principles, tools, methodologies, frameworks, policies and processes knowledge
• I&T Risk management strategy and planning knowledge
• Risk identification, analysis and assessment knowledge
• Risk mitigation and management knowledge
• Risk monitoring and reporting skills
• Continuous improvement
• IT governance knowledge
• Operational resilience
• Basic Cyber security
• Planning and organising
• Facilitation and integration skills
• Problem solving and analysis
• Drive for results
• Verbal and written communication
• Interpersonal Skills
• Impact & Influence
• Service & Stakeholder Focus
• Building & Maintaining Relationships
• Learning focus
• Teamwork

In line with the SARB’s commitment to diversifying its workforce, preference will be given to suitable candidates from designated groups. People with disabilities are welcome to apply.

The SARB offers remuneration and benefits commensurate with the level of the position and in line with the market. The level at which the successful applicant will be appointed will depend on his/her competence and experience.

About SARB

 

Primary mandate of the SARB

 

Section 224 of the Constitution of South Africa states the mandate of the SARB as follows:

The primary object of the South African Reserve Bank is to protect the value of the currency in the interest of balanced and sustainable economic growth in the Republic.

The South African Reserve Bank, in support of its primary objective, must perform its functions independently and without fear, favour or prejudice.

 

WHAT WE DO

 

Monetary Policy

 

The Constitution gives the SARB the mandate to protect the value of the rand. We use interest rates to keep inflation low and steady.

 

Financial Stability

 

The SARB has a mandate to protect and enhance financial stability. We identify and mitigate systemic risks that might disrupt the financial system.

 

Prudential Regulation

 

The Prudential Authority regulates financial institutions and market infrastructures to promote and enhance their safety and soundness, and support financial stability.

 

Financial Markets

 

Open market operations are the main tool we use to implement monetary policy. We manage South Africa’s gold and foreign exchange reserves.

 

Financial Surveillance

 

The SARB is responsible for regulating cross-border transactions, preventing the abuse of the financial system and supporting the regulation of financial institutions.

 

Payments and Settlements

 

The SARB is responsible for ensuring the safety and soundness of the national payment system, which is the backbone of South Africa’s modern financial system.

 

Statistics

 

The SARB provides important economic and financial statistics that present an overview of the economic situation in South Africa.

 

Research

 

Research conducted by the SARB focuses on economics, financial stability, banking and emerging trends in finance. Our research supports policy decision-making.

Banknotes and Coin

 

The SARB has the sole right to make, issue and destroy banknotes and coin in South Africa.