ICT Risk&Projects Officer, Durban

Purpose of the Role Responsible for maintaining acceptable levels of ICT Risk, executing and overseeing implementation projects to continuously keep the ICT department prepared and in line with audit and corporate governance expectations, and applicable legislation. Effecting ICT Risk mitigation strategies based on contemporary research, best practice principles and best of breed solutions. Participating and facilitating information collation and flow for the ICT team year‑round and through audit engagements, practical effectiveness through managing sub‑projects, working with all stakeholders through to successful implementation, and sustained adoption.

Internal Interaction (information, support, advice) Organisation wide management and exchange of information sharing, support, advice, persuasion and education on governance, compliance and security.

External Interaction (information, support, advice, persuasion/ negotiation) Service providers: Management of exchange of information, advice, persuasion and negotiation. Local Authorities: Exchange of information, advice, persuasion and negotiation on effective use of Fund systems.

Minimum Qualifications to Perform Role Tertiary qualification at NQF Level 7 with Business Administration and ICT as majors.

Other Qualifications Certified Information Systems Auditor (CISA), Certified in Governance of Enterprise IT (CGEIT), Certified in Objective Centric Risk&Certainty Management™ (cORCM™), Prince 2 Certification in Project Management.

Minimum Period of Experience / Training 3 years incorporating desktop support, server support, business systems, procurement processes, project management, and IT audit. A minimum of 3 years at specialist level.

Preferred Experiential / Training Background ICT junior management in Financial Services/Pension Fund Administration environment.

Strategy and Operational Plan Implementation

Develop operational plan that delivers on the ICT strategic plan.

Monitor team performance against strategic and operational objectives.

Report on project progress against deliverables.

Management of all compliance with applicable legislation as amended from time to time.

Ownership of ICT Maturity assessments and formulating roadmaps, guiding ICT department to move key deliverables into matured states.

Leading initiatives such as data classifications, POPIA compliance.

Management of Governance and Compliance

Ensure that each ICT area has agreed KPIs that are aligned to the ICT strategic objectives and ICT operational plan.

Continuously monitor performance and actions of the ICT department are aligned to supporting key business objectives.

Manage roles in the department ensuring that they remain up to date covering all new developments in the governance and security space.

Maintain ICT services schedule of providers, systems, assets, etc. for renewal.

Ongoing engagement with all ICT team members to sustain the required generating and flow of reporting information for management, audit, and governance reporting purposes to ensure compliance.

Financial&Project Management

Manage project and expenditure budgets for Risk mitigation and audit objective implementations, ensuring tight budgetary control.

Manage project and operational expenditure for specialist area through control of invoices through sign‑off procedures.

Manage compliance with procurement policy, processes and systems.

Provide project management office oversight focused on ICT department’s risk mitigation and implementations of audit recommendations, governance and compliance initiatives, and provide assistance to other business projects where capacity and or criticality permits.

Project management functions including liaison with stakeholders, scoping and detailing work breakdown structures, costing and resource estimation and scheduling, monitoring progress, intervention and assistance, alleviating deadlocks, feedback to stakeholders.

Governance and Compliance

Monitor the Fund’s use of ICT resources to advance delivery of Fund strategy ensuring compliance in achieving organisational, audit, governance and legislative directives.

Develop, implement and or mature ICT structures, policies, procedures and documentation, in conjunction with emerging trends and technology, audit recommendations and governance requirements to ensure compliance objectives are met.

Develop and manage the ICT rights and accountability framework to reinforce desirable behaviour in the use of ICT infrastructure.

Promote ethical conduct and compliance with Fund policy, rules and processes that guide the use of ICT resources.

Manage real‑time monitoring, and ensure corrective action where appropriate, to ensure desired behaviour in the use of ICT infrastructure and systems.

Ensure that the Fund conducts its business in full compliance with national and international laws and standards for financial services sector.

Controls and Mitigations

Assist in creation of true and accurate system change controls requests for execution by the respective ICT team members, and perform post‑implementation validation.

Perform user system access reviews, liaise with business units for approvals, identifying any gaps and seeing through to resolution.

Manage the monitoring and controlling access to confidential information through assignment of uniquely identifiable accounts and user rights authorisations for non‑repudiation.

Manage the safe transmission of data through secure internet gateways and encryption of electronic data.

Manage the secure storage and disposal of data through assigning responsibility for ongoing storage and disposal of data in accordance with policy, procedures, protocols and sector best practice.

Management of personnel security through implementation of“need to know” principle and applicable policies and legislation as well as confidentiality agreements.

#J-18808-Ljbffr