Senior Risk Manager at Nedbank

Job Purpose

• Embed, operationalize, and implement the Group Risk Framework while guiding the business to mitigate risks and ensure regulatory compliance.

Job Responsibilities

• Support the Head Cyber Risk with embedding of a systemic risk culture and promoting transparency across the business.
• Engage and build relationships with the three lines of defence as key internal stakeholders.
• Provide Cyber and IT risk subject matter expertise to change programmes and projects as required.
• Work collaboratively with first line and second-line teams to review and maintain RCSAs. The role should ensure risks owners build good awareness and understanding of each risk, both systemic and non-systemic; and to identify emerging risks that could result in a threat to Nedbank’s Group sustainability.
• Ensure that risks are managed and anticipated by monitoring and analysing risk and risk trends.
• Ensure that identified risks are treated by facilitating the development of mitigating actions and monitoring the implementation thereof.
• Monitor adherence and compliance to the relevant risk management frameworks and policies
• Be a Cyber security subject matter expert for the bank by providing expert advice on all aspects of cyber security risk management within the business.
• Build and maintain professional relationships by information sharing and professional networking within the bank.
• Build and maintain internal stakeholder relationships through collaboration with stakeholders and regular communication via various media.
• Assist with coordinating group wide Information Security risk and maturity assessments in line with the group's risk management frameworks.
• Collaborate with stakeholders, including GT ISD, BISO, Procurement, legal, compliance and business teams, to develop and implement cyber resilience strategy, framework, and policies. 
• Identify, develop, and enhance policies, standards, procedures and guidelines and drive implementation and compliance throughout the group.
• Maintain a view of current information security threats and trends globally by conducting research and perform threat modelling and threat vector analysis at a group wide level.
• Support the achievement of the business strategy, objectives, and values by ensuring delivered systems, process, services, and solutions are aligned.
• Report regularly to senior management, Exco and Board on the status of cyber resilience efforts, including risks and cyber incidents. 
• Participate in joint implementation of industry-wide cyber security standards and guidelines.
• Identify training courses and career progression for self through input and feedback from management.
• Ensure all personal development plan activities are completed within specified timeframe.
• Share knowledge and industry trends with team and stakeholders during formal and informal interaction.

Essential Qualifications - NQF Level

• Advanced Diplomas/National 1st Degrees

Preferred Qualification

• Bachelor’s degree in computer science or management information systems  

Preferred Certifications

• Certified Information Security Manager (CISM)/ Certified Information Security Auditor (CISA)
• PMI or other PM accreditation Preferred Certifications

Minimum Experience Level

• 6-7 years of Cyber and IT Risk management experience.
• In depth technical knowledge on operating systems, databases, applications Experience in a bank preferred.
• Governance and Board Reporting experience.
• Proven expertise in risk management, regulatory compliance, and stakeholder engagement

Technical / Professional Knowledge

• Banking knowledge
• Business Acumen
• Data analysis
• Governance, Risk and Controls
• Industry trends
• Principles of project management
• Relevant regulatory knowledge
• Business writing skills

Deadline:1st July,2025