IT Governance, Risk and Compliance Manager

Technology-driven company seeking an experienced IT GRC Manager to lead and strengthen our governance, risk, and compliance function. Reporting to the IT Director, you will be responsible for embedding a robust GRC framework across the business, ensuring alignment with applicable legislation and industry standards.

Minimum Requirements

• Bachelor's degree in Information Technology, Computer Science, or related field
• Relevant certifications: CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor (advantageous)
• Minimum 5 years' experience in IT GRC or a related IT audit/risk function
• Solid knowledge of POPIA and South African regulatory requirements
• Experience with frameworks such as COBIT, ISO 27001, NIST, and ITIL
• Proven ability to develop policies, conduct risk assessments, and manage audit processes
• Strong report-writing and stakeholder communication skills
• Experience in a regulated industry (financial services, healthcare, or retail)
• Familiarity with GRC tools and platforms
• Exposure to cloud governance (AWS, Azure, or GCP environments)

Key Responsibilities

• Develop, implement, and maintain IT governance frameworks aligned to COBIT, ISO 27001, and ITIL best practices
• Identify, assess, and manage IT risks, maintaining a current risk register and mitigation plans
• Ensure compliance with South African legislation including POPIA, the Companies Act, and relevant sector regulations
• Conduct and coordinate internal IT audits and facilitate external audit readiness
• Develop and maintain IT policies, standards, and procedures
• Report on GRC status to senior management and relevant committees
• Drive security awareness and compliance culture across the IT department and broader business
• Liaise with external auditors, regulators, and third-party vendors on compliance matters
• Monitor emerging regulatory changes and assess their impact on the business

Should you not hear from us within 14 days of the closing date, please consider your application unsuccessful.

Preference will be given to candidates in line with the company's Employment Equity Plan and applicable South African legislation.

#mycareercraft #mycareercraftjobs #jobsmycareercraft