31 Jan 2026

Permanent GRC Specialist (IT Governance) – Affinity health vacancies

Affinity health – Posted by swipe4job Benoni, Gauteng, South Africa

Job Description


Company: Affinity Life Limited

Job Summary
Affinity Health Vacancies is seeking a GRC Specialist (IT Governance) to support the development, implementation, and ongoing maintenance of IT Governance, Risk, and Compliance frameworks. The role ensures alignment with regulatory requirements and international standards while proactively identifying, managing, and mitigating IT and cybersecurity risks within a regulated financial services environment.

Key Performance Areas

  • IT Governance Frameworks
  • IT Risk Management and Audit
  • IT Compliance
  • Incident Response and Management
  • Documentation and Reporting
  • Security Architecture and Implementation
  • Ad hoc GRC activities

Key Responsibilities

IT Governance

  • Support the implementation of IT GRC frameworks, policies, procedures, and controls aligned with approved company standards
  • Develop and maintain IT governance documentation, reporting tools, and training material
  • Support governance committees through reporting, assessments, and remediation tracking
  • Review and assess business continuity and disaster recovery plans

IT Risk Management

  • Act as an IT risk and compliance champion across the business
  • Maintain the IT Risk Register in alignment with the enterprise risk management framework
  • Coordinate IT risk assessments, audits, access reviews, vulnerability assessments, and cyber risk integration
  • Monitor, report, and escalate IT risks impacting operational and service delivery performance

IT Compliance

  • Monitor compliance with regulatory and legislative requirements including POPIA, PAIA, FICA, RICA, ECT Act, GOI, and Joint Standards
  • Coordinate internal and external IT compliance audits
  • Support data protection, information security, and regulatory compliance initiatives

Incident Response and Management

  • Develop and maintain incident response and management plans
  • Coordinate responses to cybersecurity incidents and conduct post-incident reviews
  • Support incident communication, awareness, and training initiatives

Security Architecture and Controls

  • Collaborate with IT and Development teams to embed security controls within IT architecture
  • Ensure secure configuration, implementation, and operation of systems and applications

Candidate Requirements

Qualifications

  • Matric
  • National Diploma in IT or Bachelor’s Degree (NQF Level 6 or equivalent)
  • IT Governance certification or ITIL and COBIT certification
  • CRISC, CISSP, CISM, CISA, or CGEIT certification is advantageous

Experience

  • Minimum of 5 years’ experience in IT Governance, Risk, and Compliance
  • At least 5 years’ experience working with GRC methodologies, tools, and frameworks
  • Proven experience implementing COBIT, ITIL, ISO, and PRINCE2 frameworks

Skills and Knowledge

  • Strong understanding of IT Governance, Risk, and Compliance frameworks
  • Knowledge of regulatory requirements impacting IT, including POPIA, GDPR, and PCI DSS
  • Solid understanding of cybersecurity risks and preventative controls
  • Strong reporting, documentation, and stakeholder engagement skills
  • Ability to communicate complex GRC concepts to both technical and non-technical stakeholders

Personal Attributes

  • Resilient, deadline-driven, and highly accountable
  • Detail-oriented with a strong ethical and professional approach
  • Discreet and trustworthy with strong negotiation and conflict-resolution skills
