The position will report to the Internal Audit and Risk Manager and will be responsible for identifying, assessing, monitoring and mitigating risks while ensuring the organization complies with regulatory and internal policies.
Job Responsibilities
Work with management to identify, assess and develop mitigation plan for risks according to the organization's Enterprise Risk Management framework and update the enterprise risk profile.
Provide assurance over strategic risks faced by the organization and develop relationships with both internal and external stakeholders in managing the risks.
Perform risk assessments, scenario analysis and stress tests on financial, operational, business continuity and compliance risks
Implement risk mitigation strategies tailored to identify and address potential threats and identify opportunities for the organization to harness.
Proactively follow up on action plans developed by management or various committees to address risk exposures and report on the outcomes
Prepare risk and compliance reports for presentation to senior management and the Board
Monitor key risk indicators (KRIs) using both lagging and predictive indicators
Implement and maintain internal risk and compliance policies and procedures
Support with the development ,implementation and testing of comprehensive business continuity planning (BCP) strategies and disaster recovery plans
Conduct ICT related risk assessments, vulnerability and penetration testing around the ICT infrastructure and related assets. A
Identify and investigate compliance breaches, fraud or unethical practices
Conduct training sessions for employees on risk management to facilitate the embedding of a risk-conscious culture across the organization
Work closely with Heads of Departments and Sectional Managers to address risk and compliance concerns
Keep abreast with the applicable laws, regulations, rules and standards in the risk and compliance fraternity and advice on emerging developments
Act as a point of contact for regulators, auditors, and external compliance bodies on issues relating to risk management within the organization.
Qualifications
Bachelor's degree in accounting, finance, or any related business degree from a recognized institution
Be a Certified Public Accountant (K) or other recognized equivalent qualifications
Certified Information Systems Auditor (CISA) or Certified Internal Auditor (CIA) qualification or equivalent is an added advantage.
At least 5 years of experience in Risk Management and/or auditing
Ability to work with and therefore provide assurance over ICT infrastructure and Assets various IT systems and ERPs, Syspro ERP is an added advantage.
Experience in implementing risk management is desired
Technical competencies; Knowledge of Auditing Standards, information systems auditing, Risk Management principles, Financial analysis, Data analytics and Regulatory compliance standards
Behavioural competencies: Communication skills, problem-solving skills, analytical skills, high level of integrity self-driven, confidentiality and interpersonal skills