Chief Specialist: IT Governance, Risk and Compliance

This role will have broad accountability for ICT governance, risk and compliance related functions including ICT policies, standards, risk, and controls management. This role is a key contributor to IT Strategy, which includes developing frameworks aligned to the appropriate industry standards, creating the required forums, and establishing appropriate monitoring mechanisms to ensure that compliance is effective. Duties and Responsibilities: GovernanceEstablish and maintain the IT governance operating model, including the mandate and inter-relationship between governance structuresMonitor the effectiveness of internal governance structures, including Executive committees, steering committees, and business forums, recommending potential improvements to Exco for considerationConsolidate GRC-related information across functions and governance structures, identifying priority focus areas, monitoring progress and reporting to stakeholdersEffectively promote and practice good corporate Governance. RiskLead the development and implementation of the system-wide risk management function of the IT GRC framework as designed to ensure information IT risks are identified and monitored.Develop and maintain IT Risk Registers for the group companies, and departments, and ensure its regular review by managementInternally assess, evaluate, and make recommendations to management regarding the adequacy of the IT controls for the Group's information and technology systems. Policy/ComplianceLead the system-wide IT compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies, and regulations.Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure IT and compliance with relevant legislation and legal interpretation. AuditWork with Internal Audit, External Audit, Internal Control functions and outside consultants as appropriate on required IT assessments and auditsCoordinate and track all information technology and IT related audits including scope of audits, timelines, auditing agencies and outcomes.Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation, and advocacy on audit responses. LeadershipPerform other duties as assigned to ensure the smooth functioning of the Group and maintain the reputation of the organization as a viable business partner.Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of IT incidents, decisions regarding risk, and measures for ICT.Operate with a high degree of independence with regards to project management activities, including development of project plans and budget/resource estimates. Qualifications and experience required:Bachelor's degree with auditing and information systems or equivalentAdditional governance qualification/ certification6-8 years' experience at managerial level in a governance, risk & compliance environmentAuditing experience as a compliance officer, information risk specialist, or information technology auditorExperience managing technology budgets and management/board reportingExtensive knowledge of governance frameworks and standards such as COBIT, ISO and NIST (CoBIT certification is a plus