Job Description
We are currently recruiting for an IT Risk Officer to join our team in Cape Town or Johannesburg. This role provides specialist risk advisory, oversight, and support across the IT and Cyber security/Information security value chain. Reporting into the OMF Information Security Risk Manager, this role is essential in providing oversight, monitoring, and appropriate challenge of the business unit’s overall risk profile to ensure that Line 1 management is appropriately managing their risks and the control environment to meet their business objectives.
Who are We?
Old Mutual is a premium African financial services organisation that offers a broad spectrum of financial solutions to retail and corporate customers across key market segments in 17 countries. The lines of business include Life and Savings, Property and Casualty, Asset Management, and Banking and Lending.
The Opportunity:
Old Mutual Finance is currently seeking to hire an OMF IT Risk Officer. This role provides specialist risk advisory and support during IT projects, in-house application development initiatives, and enhancements as well as third-party risk management. This role also provides specialist assistance in ensuring the effective functioning of OMF’s Information Security Management System (ISMS).
- Assists business unit management to rollout the risk management strategy, risk policies, and information security policies as per the OMF risk requirements.
- Ensures that risk management processes (identify, measure, respond, monitor, and report risk) are implemented in the business or across IT functions.
- Provides oversight and technical guidance to management across the value chain to embed risk management and information security.
- Challenges management where deemed appropriate and expresses an opinion on execution/change risk.
- Collaborates with IT Teams in an advisory capacity to ensure risk management and information security is embedded in processes.
- Assists with design, review, and maturing of OMF IT controls, processes, and procedures.
- Supports Line 1 management to complete annual and quarterly risk processes.
- Provides support to business unit management in carrying out risk-related responsibilities and influences risk-based decision-making.
- Collaborates with IT Project Management Office to ensure security/risk requirements are communicated and assessed for all projects and system implementations.
- Provides direction and oversight over vulnerability management activities across IT services including external assurance over security processes.
- Provides risk assurance over key IT and information security processes.
- Contributes to and supports the execution of the OMF Information Security and IT Risk reduction plan, closely collaborating with IT and Business Stakeholders to ensure information security risks are managed effectively.
- Supports the OMF stakeholders in effectively defining and prioritizing risk reduction action plans in line with policies and standards and manages until closure.
- Compiles Risk Reporting and risk indicator dashboards for the various committees where Information Security Risk is tabled.
- Achieves results through own professional and self-development.
Minimum Requirements:
5+ years relevant industry experience within the financial services sector in an IT Risk or security role.
Degree/Honours in Information Systems or Information Technology (Essential).
Knowledge of Information Security and IT Risk.
Recognized professional industry certification(s) such as SSCP, CISM, ISO 27001 Lead Implementer/Lead Auditor, CISSP, CEH.
Knowledge of Information Security Standards and Frameworks such as NIST CSF, ISO27001/2.
Knowledge of Secure Software Development Lifecycles and agile ways of work.
Knowledge of Vulnerability Management.
Knowledge of Cloud Computing Platforms such as AWS.
Education:
Bachelors Degree (B) (Required)
Package & Remuneration
Market Related
Disclaimer
The appointment will be made from the designated group in line with the Employment Equity Plan of Old Mutual South Africa and the specific business unit in question.
Old Mutual Limited is pro-vaccination and encourages its workforce to be fully vaccinated against Covid-19.
All prospective employees are required to disclose their vaccination status as part of the recruitment process. Please refer to Old Mutual’s Covid-19 vaccination policy for further detail. Kindly note that Old Mutual reserves the right to reinstate the requirement to vaccinate at any point if it is of the view that it is imperative to do so.
#J-18808-Ljbffr