Specialist: Risk

Job Summary

The role reports to the Technology & Cyber Risk Senior Manager within Insurance Product. Accountabilities include:

• Participate in internal and external audit engagements from planning through to closure, including review of audit reports for factual accuracy, validation of action owners, and assessment of remediation feasibility. Facilitate timely closure of audit findings.
• Maintain an up-to-date inventory of applications within the CIO portfolio, including classification based on risk exposure.
• Drive the rollout and completion of Risk and Control Assessments (or equivalent), ensuring accurate capture and maintenance of results in the relevant system.
• Act as a liaison between Business Risk and Technology teams to ensure resilience risk is appropriately reflected in the overall business risk profile.
• Support the assessment and rating of Technology and Cyber risks in line with the Absa RICM framework, including evaluation of associated impacts.
• Manage remediation tracking by recording action plans, monitoring progress, and facilitating closure of identified risk, control weaknesses, and policy/standard deviations.
• Oversee the timely remediation of findings raised by assurance providers, including the preparation of closure or milestone conversion documentation. This includes ongoing engagement with control owners, structured status reporting, and validation of remediation adequacy.
• Engage with technology and senior management to monitor and drive progress against remediation commitments.
• Review closure and/or conversion submissions for completeness and quality prior to submission to Absa Internal Audit.
• Deliver on special risk and compliance initiatives driven at Group level (e.g., CSO), ensuring accuracy and alignment with expectations.
• Identify and monitor high and medium risk initiatives within the portfolio, including tracking of RAG status from a risk perspective and participation in project assurance reviews where required.
• Develop, consolidate, and deliver Technology and Cyber Risk profile reporting across BU, PPB, and AFS governance forums, including ERCs, the Board, and ARCC.
  

• Degree in Information Systems/ Computer Science/ Risk Management/Audit/or equivalent Advanced Diploma
• CISA/CRISC/CISM/CGEIT or any other IT Governance related qualification
• 2- 3 Experience in a technology risk/cyber security/audit environment
• Exposure to risk management practices and a good understanding of control structures
• 1 - 2 years job relevant experience in a corporate environment (preferably Banking environment/ Audit firm experience)
• Solid knowledge on the understanding and application of risk, compliance, and control measures for Technology & Cyber Security. Business organization and industry understanding.
• Strong understanding of Technology & Cyber Security operations, processes, risks and controls
• Strong interpersonal, communication, facilitation and negotiation skills.
• Self-confidence and assertiveness/persuasiveness
• Take ownership of the assigned portfolio with proactive response to potential risk matters

Education

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

Absa Bank Limited reserves the right not to make an appointment to the post as advertised