Are you passionate about ensuring IT systems, policies, and processes align with regulatory and security standards? We are seeking a dedicated IT Governance, Risk, and Compliance (GRC) Specialist to join our Information Technology team. This role is crucial in maintaining compliance with industry frameworks such as ISO 27001:2022, GDPR, and POPIA while driving risk mitigation strategies and enhancing security policies. If you thrive in a dynamic environment and have a strong understanding of IT governance principles, this is the perfect opportunity for you!

Duties & Responsibilities

• Manage and ensure regulatory compliance which includes but not limited to, ISO 27001:2022 Information Security, Cyber Security and data protection, POPIA, GDPR, OHS, Environmental, social, and governance (ESG).
• Ensure related company compliance requirements are addressed in accordance with relevant rules and regulations according to the territories within which it operates, for example privacy, security and administrative regulations.
• Ensure appropriate risk mitigation and control processes for security incidents as required.
• Receives reports of security incidents and conducts thorough investigations, prepares written findings and recommendations, along with follow-up evaluations, and analyses patterns and trends.
• Responsible for daily compliance tasks.
• Perform regular reviews and update on all company policies.
• Conduct and report on Compliance for Management.
• Coordinates and conducts the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes and procedures in compliance with applicable regulations and standards.
• Participate in improving company processes and implement tools for policy management.
• Ensure audit trails and documentation are reviewed periodically and are in compliance with policies and audit requirements.
• Collaboration with management and various company teams to improve and achieve compliance.
• Support company teams with ad hoc requests, including investigation of legislation and regulations, as well as draft the necessary processes or documentation to achieve compliance.
• Follow different compliance evolutions and market trends keeping our company up to date.
• Prepare and conduct employee awareness initiatives and training.
• Prepare and oversee audit assessments.

Desired Experience & Qualification

• Degree or equivalent qualification in computer science, IT or related field.
• Professional Information Security Certification (CISSP, CISM, CASP+ or equivalent) will be advantageous.
• At least 4 years experiences in a similar role.
• Solid working knowledge of the following regulatory requirements: GDPR , POPIA, ECT, OHS, ESG.
• Knowledge of the following security frameworks: ISO/IEC 27001, ISO/IEC 27002, NIST CSF, will be advantageous.
• Ability to articulate to non-technical audience on various compliance topics.
• Effective verbal and written communication skills.
• Effective organizational abilities along with detail-oriented, proactive approach to work.
• Ability to work under time pressure.
• Business acumen.
• Strong administrative skills.
• Team player mentality.

Reach Deka Minas (Pty) Ltd
It Governance, Risk, And Compliance Specialist position available in Gauteng, Johannesburg. This job position was posted by Deka Minas (Pty) Ltd. The job has been posted as a premium ad on 2025-02-07 at 13:02:53 in the It Computer category