Associate IT Risk Analyst at South African Reserve Bank

Brief description

The purpose of this position is to realise the responsibilities of the Prudential Authority (PA) in respect of the supervision and regulation of IT risk in insurance entities. The successful candidate will be involved in operational duties associated with on and off-site analysis and will support a team of risk specialists in the PA who are responsible for providing specialist knowledge, skills and experience in the information technology risk management area.

Detailed description

The successful candidate will support a team of senior analysts responsible for, among others, the following key performance areas:

Supervision

• Participating in supervisory reviews and practices (desktop and prudential meetings) in relation to information technology risk in PA-regulated insurers as well as support colleagues with PA-regulated banks and market infrastructures, including inspecting risk appetite and management practices with respect to information technology and information technology risk.
• Determine whether financial entities have established appropriate information technology frameworks, policies, and processes that address areas such as information technology governance, system development, project management, architecture, etc., and have made investments in information technology commensurate with the size and complexity of the operations.
• Ensuring regulated entities’ compliance with regulations governing information technology risk.
• Support other risk teams, including the Operational Risk, Credit Risk, and Market Risk divisions with supervisory duties with regard to IT-related elements.
• Research and develop regulations and methods to analyse and interpret information technology risk-based information.
• Monitoring regulated entities’ exposure to information technology risk, as reported to the PA under the various operational risk approaches.
• Providing technical information technology risk specialist support and guidance (SME).
• Assist with the development, analysis and interpretation of information technology / information technology risk assessments, surveys, and questionnaires.
• Staying abreast of international best practice and developments surrounding information technology risk matters to benchmark and implement locally.

QUALIFICATIONS

Job requirements

To be considered for this position, candidates must have:

• A degree in Information Technology, Informatics, Risk Management
• Honours degree in any specified fields will be an added advantage
• Applicable information technology risk management experience
• At least 4 years’ relevant working experience in the Insurance, banking or financial sector

The following would be an added advantage:

• Certified in any of the following - CRISC, CISA, CGEIT, or equivalent certifications
• Knowledge of the best practice standards and frameworks at both theoretical and practical level

Additional requirements are as follows:

• Knowledge of, and experience in; the insurance, banking or financial market infrastructure systems; financial, insurance and banking products; regulations, and technology systems used in the various financial sectors with particular emphasis on IT / IT risk matters
• Knowledge and understanding of information technology / information technology Risk Frameworks e.g., NIST, COBIT, ISO 27001, ITIL, ISO 31000, ISO 38500 and further developments in this space.
• Information technology/information technology risk, audit, etc.
• Knowledge and understanding of the risks that banks, insurance, and financial market infrastructures face.
• Competence in basic office information technologies.
• Ability to work in a team and contribute to team success.
• Reliable own transport as the position requires regular travel between the PA’s offices in Pretoria and the offices of banks, insurance entities, and financial market infrastructures which are generally outside Pretoria.