KPMG is the authoritative voice in Africa - unmatched in our ability to provide excellent service to our global, regional and local clients.
KPMG in Africa's footprint ensures our forward-thinking, skilled professionals understand the complexities of doing business on this continent.
Our deep expertise on Africa’s contrasts and opportunities and long-s...
Overall Purpose Of The Role
- The Information Risk Analyst is responsible for identifying, monitoring and assisting with the remediation of Information Security Risk by performing Risk Assessments, monitoring the performance of the established control environment and assisting with the development and implementation of remediation plans.
Requirements
Desired Qualification And Experience
- 2-3 years’ experience in Information Technology Auditing
- Industry-recognized qualification: A+, N+, Security+
- Ability to demonstrate strong knowledge of computer security concepts
- Experience with identifying, analysing, and reporting on risk indicators related to information security
- Meaningful work experience in IT organizations, including security incident response, threat analytics, security operations, and security risk management
- CISM and/or CISA certification or completion of exam would be an advantage
- Knowledge of information technology security technical principles, Information Assurance methodologies and concepts
- Information security auditing experience would be an advantage
Core Competencies (Attributes)
- Attention to detail and accurate documentation
- Ability to analyse and interpret information
- Able to work independently and as part of a team
- Ability to organize and prioritise multiple tasks and work under pressure
Main Responsibilities
Conduct Information Security Risk Assessments
- Conduct new and annual Third-party Risk Assessments
- Conduct new Systems/Application/Solution Risk Assessments
- Conduct Information Security Risk Assessments of Information Processing Facilities
Assist with Internal and External Audits
- Assist with the preparation and completion of annual internal audits
- Assist with the completion of external audits
Assist with Compliance Reviews
- Conduct monthly and quarterly compliance reviews on the performance of Information Security controls and assist with the implementation of remedial actions where issues are discovered
Information Security Awareness Training
- Manage the rollout of the annual Information Security Awareness Training programme
- Develop monthly Information Security Awareness material
Assist with Client Questionnaires
- Assist with completing Information Security Client Questionnaires and review of Information Security Contractual clauses
Creating status reports for all audit and compliance activities
- Create weekly and monthly status reports on operational activities
Support the implementation of NITSO Projects and other team initiatives
- Provide support with the execution of projects or NITSO initiatives