IT Control and Risk Specialist

Are you looking for a role where you can proactively prevent IT security threats and enhance business resilience? Can you drive IT risk management strategies and help strengthen internal controls in a dynamic and fast-paced environment?

-

We are looking for an IT Control and Risk Specialist to ensure the effectiveness of IT internal control, assess business risks related to IT operations, support compliance with regulations, and drive continuous improvement in IT governance across the organisation.

-

Tasks & responsibilities:

• Ensure IT internal controls are effective, efficient, and compliant with laws, regulations, and internal policies.
• Assess and report on business risks associated with IT operations, ownership, and adoption within the organisation.
• Execute IT risk management and control strategies in alignment with the organisation's IT priorities.
• Provide expert advice on IT governance, risk, and compliance while staying updated on industry developments.
• Collaborate with internal stakeholders across different departments and regions to align IT strategies.
• Develop, review, and implement IT control processes and best practices for continuous improvement.
• Support service delivery teams in resolving complex IT control and risk-related challenges.
• Participate in IT risk and IT control review meetings, audits, and compliance campaigns.
• Communicate IT risk and control initiatives to the IT community and ensure awareness of compliance requirements.
• Identify and mitigate potential IT control weaknesses to minimise business disruptions.
• Ensure proper documentation of IT control activities, audit findings, and corrective actions.
• Monitor adherence to IT control KPIs and recommend improvements as needed.
• Drive continuous improvement initiatives in IT governance, ensuring quality and reliability of IT systems.
• Ensure IT risk and control solutions are properly tested before implementation and clearly documented for stakeholders.
• Promote knowledge sharing and cross-functional collaboration to enhance IT control.

• Bachelor's or Master's degree in IT, Information Security, Risk Management, or a related discipline.
• At least 5+ years of experience in IT governance, risk management, compliance, or audit roles.
• ISO 27001, CISA, CISSP, CRISC, or other relevant IT governance and risk management certifications preferred.
• Strong understanding of IT risk assessment methodologies, control frameworks, and compliance standards.
• Familiarity with IT security, data privacy. regulatory compliance (GDPR, ISO 27001, NIST, COBIT, etc.).
• Proficiency in IT audit processes and experience in executing risk assessments.
• Knowledge of IT systems, cloud computing, and cybersecurity principles.
• Strong analytical and problem-solving skills to assess risks and develop mitigation strategies.
• Excellent communication skills to explain technical risks to non-technical stakeholders.
• Ability to work cross-functionally with various teams in a fast-paced environment.
• Proactive mindset with a focus on continuous improvement and innovation.
• Ability to manage multiple tasks and prioritise effectively under tight deadlines.