Job Description

Affinity health vacancies – GRC Specialist (IT Governance)

GRC Specialist (IT Governance) – Affinity Health Vacancies

We are seeking a GRC Specialist (IT Governance) to support the development, implementation, and maintenance of IT Governance, Risk, and Compliance frameworks. This role ensures alignment with international standards and regulatory requirements while mitigating IT and cyber risks within a regulated financial services environment. The specialist will collaborate with cross-functional teams to uphold compliance, enhance IT controls, and drive governance initiatives.

Key Responsibilities

IT Governance

• Implement IT GRC frameworks, policies, procedures, and controls in line with company standards
• Develop and maintain governance documentation, reporting tools, and training materials
• Support governance committees through assessments, reporting, and remediation tracking
• Review and evaluate business continuity and disaster recovery plans

IT Risk Management

• Act as IT risk and compliance champion
• Maintain the IT Risk Register aligned with enterprise risk management frameworks
• Coordinate IT risk assessments, audits, access reviews, vulnerability assessments, and cyber risk integration
• Monitor, report, and escalate IT risks affecting service delivery

IT Compliance

• Ensure compliance with regulatory and legislative requirements (POPIA, PAIA, FICA, RICA, ECT Act, GOI, Joint Standards)
• Coordinate internal and external IT compliance audits
• Support data protection and information security compliance initiatives

Incident Response & Security Architecture

• Develop and maintain incident response plans
• Coordinate responses to cybersecurity incidents and conduct post-incident reviews
• Support incident communication and training programs
• Collaborate with IT and development teams to integrate security controls into IT architecture
• Ensure secure configuration and operation of systems

Required Qualifications & Experience

• Matric
• National Diploma in IT or Bachelor’s Degree (NQF Level 6)
• IT Governance certification OR ITIL & COBIT (mandatory)
• CRISC, CISSP, CISM, CISA, or CGEIT (advantageous)
• Minimum 5 years’ experience in IT Governance, Risk & Compliance
• Minimum 5 years’ experience with GRC methodologies, tools, and frameworks
• Proven experience implementing frameworks such as COBIT, ITIL, ISO, PRINCE II

Skills & Knowledge

• Strong understanding of IT Governance, Risk, and Compliance frameworks
• Knowledge of IT regulatory requirements (POPIA, GDPR, PCI DSS)
• Awareness of cybersecurity risks and preventative controls
• Excellent reporting, documentation, and stakeholder engagement skills
• Ability to communicate GRC concepts to both technical and non-technical stakeholders

Personal Attributes

• Resilient, detail-oriented, and deadline-driven
• Professional, ethical, and discreet
• Strong negotiation and conflict-resolution abilities
• Self-starter with high accountability and ownership

APPLY NOW

24 total views, 1 today

Apply for this Job

Name *

Email *

Message *

Upload resumé (pdf, doc, docx, zip, txt, rtf)

Upload cover letter (pdf, doc, docx, zip, txt, rtf)

Is fire “hot” or “cold”? *