IT GRC Governance Compliance Specialist

Summary of role
The organisation is looking for an IT governance, risk and compliance specialist who will develop and
implement IT governance frameworks and controls aligned with international standards; manage IT audits
and risks; ensure compliance to the applicable IT regulations and policies and deliver on the IT reporting
requirements.

Responsibilities

• Develop and implement a comprehensive IT GRC strategy.
• Development and implementation of IT Governance, risk management and compliance policies, processes and procedures implementation and embedment of various frameworks (e.g. COBIT, ITIL, ISO, NIST, SABSA, PRINCE II, CMM, etc).
• Implementation of IT controls in alignment with risk, legislative and regulatory requirements and industry trends.
• Develop, monitor and report on IT governance metrics and performance indicators.
• Assist in the maintenance of IT alignment activities, including report submissions, across various governance committees and structures.
• Assist the various IT departments with the development and maintenance of incident response plan.
• Assist in the preparation of stakeholder communications in response to cyber security incidents.
• Maintain accurate and up-to-date documentation related to IT GRC activities.
• Establish processes for continuous monitoring and IT audit and risk management reporting on compliance and risk management activities.
• Develop an IT risk profile for the university in alignment with the approved risk management framework and process.
• Conduct periodical internal risk assessments in various IT departments and tracking of application access reviews, active directory reviews, information security maturity, network and vulnerability assessments and IT audits identifying any gaps or areas for improvement.
• Lead preparations and facilitate audits for IT certifications, such as ISO27001.
• Maintain and drive the implementation of mitigation controls of the IT Risk Register.
• Continuously analyse the effectiveness of IT and Information security controls.
• Collaborate with internal stakeholders to perform risk analysis on information hosted by third parties and controls implemented, ensuring the maintenance of acceptable levels of residual risk.
• Ensure visibility of audit and risks by escalating to the relevant committees.
• Facilitate IT disaster recovery and business continuity initiatives, including testing.
• Continuously assess the adequacy of the IT and information security.
• Business continuity and disaster recovery plans in conjunction with risk management.
• Coordinate and support internal and external compliance audits.
• Oversee and evaluate compliance with regulatory requirements and practices to ensure that IT-related activities adhere to prescribed
  
  https://www.executiveplacements.com/Jobs/I/IT-GRC-Governance-Compliance-Specialist-1251949-Job-Search-01-15-2026-04-09-33-AM.asp?sid=gumtree