Senior Manager Risk - Technology
15 Alice Lane, South Africa
Absa Group
Absa Group offers personal, business, and wealth banking services across Africa. Manage finances securely and achieve your goals with trusted solutions. Empowering Africa’s tomorrow, together…one story at a time.
With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.
Job Summary
As a Senior Risk Manager within the Finance Management (FM) COO Function, you will fulfill the duty of being a first line of defense (1LOD) champion for the function focusing on Technology, Information and Cyber risk. As a coordinator and value defender, you use your years of business experience, knowledge and insight from internal data sources and best practices to advise and solve complex problems while overseeing the development, implementation and delivery of optimal practice/framework designs. You mainly communicate with technical specialist teams across the solution and delivery areas. You ask and respond to questions on efficiency, effectiveness, compliance and risk in a proactive manner.
Job Description
The Finance Management (FM) COO team supports the Heads of FM Functions in managing the overall Finance business to enable delivery of the functions’ strategic objectives and fulfilling of business responsibilities. These responsibilities include:
- Drive the Strategy for FM and its sub-functions
- Support the Heads of FM sub-functions in strategy execution
- Drive the Colleague Agenda
- Cost and FTE management, including budget setting
- Operational support to Functions and sub-functions
- Operational risk support and coordination of risk deliverables for the Function
- Co-ordinate the above deliverables through a well-orchestrated COO community within the Functions
The role of the Senior Manager Risk is therefore to:
- Provide independent and objective end-to-end operational risk advice and support to drive the Risk practices for the FM COO function in line with the Enterprise Risk Management Framework and Operational and Resilience Risk Management Framework.
- Ensure that all activities and duties are carried out in full compliance with regulatory requirements, Enterprise Risk Management Framework and internal Absa Policies and Policy Standards.
Strategic Risk Framework Leadership
- Define and implement a comprehensive risk management framework tailored to infrastructure and cloud environments.
- Align risk strategies with organizational goals, regulatory requirements, and technological advancements.
- Review and evaluate technology, information and cyber policies and procedures, and tools to provide insight on how to reduce technology risk.
- Collaborate with infrastructure and architecture teams (Networks, Computer, Cloud, DBaaS, Mainframe and End User) to manage the specific infrastructure risk posture.
- Ensure governance processes adhere to the required standards (for example: ISO 27001 and GDPR), enhancing compliance and quality assurance.
Risk Culture & Awareness
- Foster a strong risk culture across Finance by promoting awareness and understanding of operational risk principles among senior finance leaders and teams.
Risk Oversight & Challenge
- Monitor and challenge the relevant operational risk profile of Finance, ensuring alignment with the bank’s risk appetite.
- Identify emerging risks and provide independent oversight of risk-taking activities.
- Ensure that risk is effectively managed and monitored.
- Identify, assess, and mitigate risks across technology platforms, including operational, cyber security, and compliance risks.
- Oversee incident response, disaster recovery, and business continuity efforts, ensuring resilience and rapid resolution.
- Monitor vulnerabilities such as system downtime, data breaches, and third-party dependencies, implementing controls to minimize impact.
- Coach users in risk identification and assessment.
- Provide appropriate and accurate risk reporting to the required stakeholders.
- Review technology, information and cyber security risks, internal and external, to help inform the risk profile.
Regulatory Compliance & Governance
- Ensure compliance with internal policies, regulatory requirements, and industry standards.
- Oversee the design and implementation of risk-aligned technology-related processes and controls.
- Implement and adhere to the provisions of the Combined Assurance Policy and Assurance Standard.
- This includes conducting assurance in line with the Combined Assurance Controls Testing Methodology.
Risk Reporting & Escalation
- Lead the evaluation and reporting of technology risk and compliance levels, including policy adherence, dispensations, and waivers.
- Ensure accurate and timely reporting of risk events and issue resolution.
- Design and implement regular risk reporting processes for FM management and governance bodies.
- Prepare monthly reports and jointly contribute to the Absa Technology Governance and Reporting function’s reporting requirements as it relates to Finance Management functions Technology.
- Prepare the quarterly submission for Absa Technology ERC.
- Prepare meeting summaries or send out action items to stakeholders.
- Consolidate and validate data to ensure accurate, timely, and complete risk reports.
- Present the aggregate FM Technology risk profile to senior management.
- Review and challenge 1LOD reports, offering insights and analytics.
- Deliver current and forecasted risk profiles as agreed with stakeholders.
Key Risk Indicators (KRIs) & Metrics
- Drive the development, monitoring, and performance assessment of risk indicators and thresholds relevant to Finance Management’s technology risks.
- Ensure indicators are meaningful, measurable, and aligned with business objectives.
Capability Building & Continuous Improvement
- Provide coaching on risk management tools (e.g., RCSAs, KRIs, risk events and Key Risk Scenarios) and lead initiatives to enhance risk capabilities and adapt to evolving expectations.
Operational Risk Planning & Execution
- Support the planning and execution of operational risk deliverables with a focus on Technology risk, ensuring alignment with the central risk calendar and Finance’s strategic priorities.
Risk Assessment & Remediation Oversight
- Review and challenge key risk assessments and remediation plans for Finance. Contribute to deep dives and lessons learned exercises for material risk events, ensuring effective tracking and escalation of findings.
Data Integrity & Reporting Assurance
- Validate the accuracy and completeness of operational risk data and reports generated by Finance and supporting functions, ensuring high-quality risk intelligence for decision-making.
Project oversight and Technology Change
- Identify all high/moderate risk projects in the area and track RAG status from a risk perspective. Be involved in project assurance reviews and ORIAs where required.
- Manage change processes across infrastructure services to ensure seamless implementation.
- Drive continuous improvement using iterative approaches to deliver measurable value and minimize execution risk.
Cyber security
- Define, recommend and manage cyber security controls for business initiatives and projects.
- Participate in Threat Vulnerability Assessments and Remediation Management.
- Evaluate business requirements and assist with the secure design and solutioning of these requirements into system design and operation.
- Provide reports to key stakeholders regarding the effectiveness of cyber security posture and make recommendations for the adoption of new policies and procedures.
- Act as a subject matter expert (SME) in conducting vendor cyber risk assessments to improve the overall vendor risk program.
- Oversee cyber security intelligence, incident response and cyber resilience management.
Preferred Education
- B degree or equivalent specialising in Operational Risk Management / Audit or equivalent NQF level 6 qualification or higher.
- B degree required in Information Technology
- CISA/CISSP/CISM/CGEIT/PMP or any other IT Governance related qualification
Preferred Experience
- 2 years managerial/leadership experience
- 4 years’ experience in a risk and audit environment
- 4 years job relevant experience in IT Governance
- 4 years Financial Business environment or other financial related experience
- Knowledge of the main operational processes, procedures and control frameworks within the Absa businesses.
- Understanding of emerging technologies and the risk implications.
- Proficient in OpenPages (ORMS)
- Proficient in MS Office (Word, Excel, PowerPoint and Outlook).
- Awareness of varying legal/regulatory environments.
- Experience in implementing risk or compliance frameworks end to end.
- Exposure to Operational Risk Governance and Operational Risk and Control Committees
- Experience with Risk Framework elements
- Experience in dealing with multiple, diverse and senior stakeholders.
- No criminal record
- Knowledge of Risk Management, which includes risk identification, control design, monitoring and reporting
- Knowledge of Banking Legislation, compliance and regulatory policies and best practice
- Knowledge of risk regulation and industry standards
- Ability to operate independently
- Report writing skills
- Problem solving
- Analytical skills
Education
Bachelor's Degrees and Advanced Diplomas: Business, Commerce and Management Studies (Required)

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.
Absa Bank Limited reserves the right not to make an appointment to the post as advertised.