Posted 29 Feb 2024, 4:00 pm

IT Governance Risk and Compliance Manager at Zepz

Sorry, but this job listing has expired!

About the role:

We are seeking an experienced, qualified and proactive Manager of IT Governance, Risk, and Compliance to join our dynamic team and play a pivotal role in building out a team focused on strengthening our commitment to protecting sensitive data, helping to manage and coordinate technology and product risks, and ensuring compliance with industry standards and regulations, including but not limited to the Digital Operational Resilience Act, Operational Resilience and the General Data Protection Regulation. In this role, you will be instrumental in developing, implementing, and managing our iGRC function. Your primary responsibility will be to lead and enhance our governance, risk management, and compliance frameworks, aligning them with industry best practices and relevant regulations. You will collaborate closely with cross-functional teams to identify, assess, and mitigate risks while also ensuring our adherence to various security and privacy standards, certifications, and regulatory requirements. You will be expected to guide and direct junior staff and be a subject matter expert on IT GRC.

What you will own:

Reporting to the Director, Terence Govender, you will:

IT Governance:

In conjunction with the Director of IT GRC, evaluate relevant practices and implement and maintain the IT governance framework, based on the COBIT framework.

Develop and communicate relevant policies, standards, and guidelines to promote a compliant, well-governed operating environment.

Create awareness and education programs to foster a governance culture that meets the business requirements of effective but light-touch governance.

In conjunction with the Director of ITGC, establish and manage IT Governance forums as required.

Risk Management:

Extract risk reports from the Risk system and advise the Product and Engineering teams on outstanding issues and items requiring remediation.

In conjunction with the second line of defense (2LOD) and domain owners, conduct risk assessments and identify potential risks that the team may face.

Collaborate with internal stakeholders to develop risk mitigation strategies and action plans.

Compliance Management:

Oversee the compliance program, ensuring alignment with industry standards and regulations, such as DORA, Operational Resilience, Business Continuity and Disaster Recovery, and Safeguarding.

Manage compliance audits, assessments, and certifications, coordinating with internal and external auditors as needed, with an understanding of IT General Controls (ITGC), ISAE and other Multistate audit requirements.

Stay up-to-date with changes in relevant regulations that impact the organization and update internal policies and procedures accordingly.

What you bring to the table: 

Proven 5+ years' experience in governance, risk management, and compliance roles, preferably in high-tech software organizations, with financial services being an advantage.

Experience in managing compliance audits and working with internal and external auditors.

Strong analytical, problem-solving, and decision-making skills.

Excellent communication and interpersonal abilities, with the ability to influence and collaborate across different teams and levels of the organization.

Relevant certifications such as COBIT 5 and above, ITIL 3 and above, and ISO 27001/2 would be advantages.

Our Recruitment Process: 

Recruiter screening call - 30 Minutes 

Hiring manager interview - 1 Hour (situational and competency-based assessment)

Final interview - 90 Minutes (presentation & panel discussion)




Source: Remote Ok