IT Risk Analyst

Permanent Full – time role.


Key Accountabilities

  • Assisting IT Management in discussions of IT risks with Group representatives, Central Security Services, Information Resource Owners and Business Unit Stakeholders;
  • Reporting of IT Risk Profiles and Risk Assessments;
  • Analyse data and documentation to understand potential risks to operational systems & processes;
  • Oversight of the IT Risk Mitigation Action Plans;
  • Oversight of the vulnerability management activities;
  • Support IT Risk Control Self-Assessments of applications and processes;
  • Facilitating the review and risk evaluation of new or existing information resources or technology related services, including material 3rd party suppliers;


Essential Experience

  • Understanding of IT and security risks, processes, and controls and ability to converse at a technical level;
  • Demonstrated ability to plan, schedule, coordinate work, and abilyu to maintain high levels of confidentiality and professionalism as well as have strong organisational, communicative, and interpersonal skills;
  • Knowledge of Networking & Communication Protocols – DNS, TCPIP, UDP, HTTP HTTPS, SSL, FTP, SCP, SOAP & REST;
  • Proven ability to work independently and cross-functionally;
  • Ability to prepare presentations, status reports, process narratives, and workflow diagrams;
  • Excellent verbal and written communication skills;
  • Interacts well with all levels in a team environment;
  • Strong analytical and problem-solving skills;
  • Ability to work on multiple tasks/priorities;
  • Familiar with Word, Excel, PowerPoint, OneNote, Visio, and Jira;
  • Experience with security testing tools – ZAP, Burp Suite or similar.


Essential Knowledge & Skills

  • Technical Background (min 6 to 8 years) in Application Development and/or Networking/Security;
  • Bachelor’s Degree in an information technology-related field or related field augmented by industry related training programmes and supported by work experience preferred;
  • 3 years+ in an Information Security / Risk Analyst role;
  • The following security certifications would be beneficial, but not essential: CRISC, CISA, CISSP, CISM, or Security+;

​If this role interests you and you feel you have the requisite skills and experience, then please do send your up to date C.V and contact details through to or apply here.. 

Excellence in IT Resourcing