Talent.com
This job offer is not available in your country.
IT and Operational Risk Specialist

IT and Operational Risk Specialist

Momentum Metropolitan Holdings LimitedCenturion, ZA
14 days ago
Job description

Job title : IT and Operational Risk Specialist

Job Location : Gauteng, Centurion

Deadline : October 14, 2025

Quick Recommended Links

  • Jobs by Location
  • Job by industries

Role Purpose

  • The role will be positioned within the risk management function of Momentum Insure. The function’s purpose is to provide subject matter expertise and input on industry best practice risk management frameworks, controls and risk treatment plans, as well as identifying, assessing and monitoring of IT and operational risk exposures across the business.
  • This function also ensures that Momentum Insure’s IT and operational risk assurance needs are identified by applying a risk-based criterion that is used to develop control audits.

    • Requirements

    Experience and Qualifications

  • A relevant degree in Computer Science, Information Technology, Internal Audit, Risk Management or equivalent at NQF level 7.
  • At least 3-5 years’ experience in an IT, information security risk or an operational risk role (or a combination of these) within the financial services industry.

    • Duties & Responsibilities

  • Assist in the implementation of policies and frameworks, and compliance standards for IT and operational risk management, including the consideration of the necessary risk appetite statements and key risk indicators, ensuring that IT and operational risk management techniques and tools incorporate innovative technological solutions.
  • Perform and monitor IT and operational risk assessments, which encompasses identifying, assessing, measuring, prioritizing and reporting of risks that may impact the business.
  • Assist in developing an annual risk-based audit plan (RBAP) for Momentum Insure to provide assurance on key IT and operational risks and business activities.
  • Testing and tracking of management actions to remediate and close IT and operational risk related audit findings & issue log testing.
  • Ensure relevant and timeous reporting on risk assurance reviews and findings.
  • Administration of the Risk and Control Self-Assessment (RCSA), key risk indicator (KRI) monitoring and validation, and providing assistance to the IT and Operational Risk Manager in the execution and monitoring of other operational risk tools.
  • Provide assistance to the IT and Operational Risk Manager with the implementation of technologies and platforms to promote IT and operational risk process efficiencies.
  • Perform root cause analysis and identify thematic IT and operational risk exposure across the business.
  • Analyse IT and operational risk information to perform trend analysis and correlate this with industry experience, where possible.
  • Engage with senior stakeholders to promote timely and accurate information / updates to assurance and risk processes, ensuring that the role remains acutely aware of any key IT and operational process changes to enhance risk oversight. Develop remedial plans with IT and operational risk owners to manage these risks to desired levels on an ongoing basis.
  • Provide input on IT and operational risk quarterly reporting, in terms of risk exposure and associated mitigating plans.
  • Ensure quarterly SANS Top 20 is submitted to Momentum Group IT Security.
  • Ensure that regular (at least quarterly) Logical User Access Management assessments are completed.
  • Provide support to the Business Continuity Officer and IT and Operational Risk Manager during the annual disaster recovery testing process, where deemed appropriate.
  • Provide IT and Operational risk input into the Third-Party risk management process, including reviewing of Third-Party risk assessments and questionnaires.

    • Competencies

    Skills and behavioural competencies :

  • Written and verbal communication skills
  • Presentation skills
  • Influential and assertive, displaying self-confidence
  • Negotiation skills
  • Relationship management
  • Analytical skills and attentive to detail
  • Planning and organising skills
  • Upholding standards

    • Knowledge :

  • Requires knowledge of information technology risk issues, techniques and implications across a wide variety of existing information technology platforms.
  • Understanding of IT and operational risk management practices within the financial services industry.
  • Requires knowledge of the relevant regulatory, legislative, governance, risk and compliance landscapes would be beneficial to the role
  • Understanding of Enterprise Risk Management (ERM) and Own Risk and Solvency Assessment (ORSA) practices and philosophies would also be beneficial to the role.
  • ICT jobs
    • Create a job alert for this search

    Risk Specialist • Centurion, ZA