Specialist: Governance, Risk & Controls

• Take a proactive approach to ongoing evaluation of cyber security policies to ensure security

• Promote awareness of security policies, training, and the governance strategy amongst all

• Assess policy needs, train stakeholders in the policy lifecycle and clearly communicate

• Maintain and further develop the Cyber Risk Management Program
• Actively manage risks on the Cyber Risk Register from intake to resolution
• Communicate risk assessment findings with key stakeholders to develop and monitor risk

• Develop cyber risk portfolios to provide a more holistic view of teams’ risks
• Conduct regular compliance assessments with the Business to ensure that current and

• Proactive Control design and implementation guidance provided to the Business
• Process and Control Compliance Monitoring and Reporting
• Cyber audit SPOC to the business with guidance on all audit submissions
• Cyber audit report reviews and guidance to Management on the recommended actions
• Tracking and monitoring of audit remediation action implementation
• Deploying cyber security awareness training collateral with innovative approaches
• Design of status reports as well as insight reporting as and when required by Management
• Lead reporting development with the use of automation and reporting tools to generate Cyber

Tower Group South Africa (PTY) Ltd