Cyber and Technology Risk Officer

Empowering Africa’s tomorrow, together…one story at a time.

My Career Development Portal: Wherever you are in your career, we are here for you. Design your future. Discover leading-edge guidance, tools and support to unlock your potential. You are Absa. You are possibility.

Job Summary

Technology and Cyber Risk Officer forms part of the First Line of Defense supporting the day-to-day management of cyber and technology risk subtypes under the Enterprise Risk Management Framework (ERMF) and Operational and Resilience Risk Management Framework (ORRMF).
Provides structured execution and coordination across risk identification, control environment oversight, issue management, and risk reporting activities. Supports the Resilience Risk Manager and Head of Resilience in embedding effective risk management practices across business units.
Ensures that principal processes, procedures and controls relating to change management (Change and Release Management), technology risk, cyber risk and information security are implemented, maintained, and monitored in line with applicable regulatory requirements, policies and standards.

Job Description

• Support the embedment of the Technology Risk and Information Security and Cyber Risk activities aligned to the Enterprise Risk Management Framework, Operational and Resilience Risk Management Framework and supporting Policies, Standards and requirements
• Support accountable management in ensuring technology and cyber risks are effectively identified, assessed, recorded and monitored within risk registers, control inventories and issue logs.
• Maintain accurate and complete risk data, including risks, controls, issues and key risk indicators, ensuring integrity of management information and reporting.
• Drive the execution and completion of risk and control self-assessments where technology or cyber risks are material, ensuring consistency and quality of outputs.
• Review key controls for design and operating effectiveness across access management, change management, cyber controls, resilience controls and third-party technology risk, and follow up with control owners to ensure remediation where required.
• Identify control gaps and ensure actions are clearly defined with accountable owners, realistic timelines and evidence requirements, and actively track progress to closure.
• Ensure ongoing tracking of issues and remediation actions, escalating delays, control failures or risks outside tolerance to the Resilience Risk Manager or Head of Resilience.
• Identify recurring weaknesses, emerging risks and thematic trends across incidents, conformance reviews and audit outcomes, and support incorporation into risk management practices.
• Prepare clear, timely and decision-useful reporting for management, risk committees and executive forums, translating technical issues into business-relevant risk insights.
• Report on key risk exposures, risk appetite status, KRIs, incidents, open issues, audit findings, regulatory matters and control effectiveness.
• Proactively escalate material risk exposures, control deficiencies or emerging cyber and technology risks that may impact customers, operations, resilience, regulatory compliance or financial performance.
• Supporting Technology and Information Security and Cyber Risk awareness and practices.

Education

Higher Diplomas: Information Technology (Required)