IT Governance Risk and Compliance Analyst

About the role:

The role of the IT Governance, Risk and Compliance Analyst is to act in support of the development, management, and delivery of the ZEPZ Governance programme with a special focus maturing the overall function of GRC through process and principle adoption that reduces risk, and creates value.

What you will own:

Assist in the implementation of IT Governance, Risk and Compliance solutions in line with the ZEPZ policies and frameworks. Focussing on IT Governance principles and practices.

Assist in the development and implementation IT Governance, policies, processes, procedures, and IT controls in relation to ZEPZ.

Development and implementation of IT Governance Frameworks, IT Controls, recommendations from various assessments and action plans following an appropriate methodology by management's approval that is aligned with international and financial industry standards (e. g. COBIT, ITIL, ISO, NIST, PRINCE II, CMM, etc)

Assist in the maintenance of IT alignment activities, including report submissions, across various governance committees and structures

Include control document reviews, meeting coordination, assessment, finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting, and escalation

As 1LOD, Assist in the assessment of the current adequacy of the business continuity / disaster recovery plans in conjunction with Risk Management, potential threats to the systems, and then calculate the impact of potential adverse events in line with 2LOD.

Participate in the development, adoption, and compliance of IT governance framework across all areas of business

Perform design and process analysis and control testing  for IT business processes that impact IT Governance and other audit and exam assessments.

Facilitate adoption and continuous improvement of planning practices and processes within IT and the business as a whole.

Skills and experience: 

Define and develop/deploy enterprise IT policies and controls, processes, performance tracking and dashboards, technology and tools

Ensures organizations’ compliance and its controls’ effectiveness to corporate requirements through proper communication, regular practice check and continuous improvements of policies/process in place

Act as Subject Matter Expert in IT methodologies, policies, etc. He/she will be the steward of IT these artifacts. Practices must align w/ the documented design/policies/process/standards

Assist in defining architecture or a business initiative by providing the appropriate guidance to achieving the organizations’ aspiration i.e design, IT methodologies, process, policies, etc

Coordinates with internal business on technology compliance, audit and regulatory enquiries both internal and external. Represents IT from Information Security, recovery and technology risk perspective. Ensures proper analysis and timely findings/responses/mitigation in a consistent and factual manner; establish & follow the escalation or reporting process.

Drives IT organizations’ performance and proper management of IT initiatives/services through use of tools, facts/data, reports, dashboards, etc.

Ensures up-to-date and effective assets/tools or compliance through regular monitoring, analysis, investigation, strengthening and protection of business technological assets, data, etc

Participates in industry forums and/or consortiums to represent the business interest and set standards/practices

What you bring to the table: 

A minimum of three years of information technology governance experience, preferably in a FinTech or similar organization.

Thought process is organised. Has passion for technical writing, structure, control and governance.

Evolved from being an technical IT person to driving IT governance in the organization.

Familiar with ICT Business e.g. Consulting, ManagedServices, CloudServices, etc

Exposed in facets of IT e.g. Projects, Delivery Support, Infrastructure, SW Development

At least 4 years relevant experience in Industry standards for IT Governance and controls frameworks e.g. COBIT, ITIL/ITSM, Project and SW Development, ISO, InfoSec/DataPrivacy, among others

Must have developed and deployed an integrated IT frameworks/methodologies, policies, processes, procedures and templates

Must have introduced efficiency &/or deployed IT tools to operations and projects

Must have performed an IT audit or familiar with Information Security, Data Privacy, Information Systems Audit requirements and other IT risk management or due diligence practices

Tags