Job description

We are seeking a detail-oriented and analytical Risk Manager to join our team. In this role, you will be responsible for identifying, assessing, and mitigating risks that could threaten the reputation, safety, security, or financial success of our organization. You will work closely with various departments to establish risk management protocols, ensure compliance with regulations, and foster a culture of risk awareness.

Key Responsibilities

Risk Identification & Assessment

• Develop and implement a comprehensive risk management framework, policies, and procedures.

• Identify potential risks (financial, operational, strategic, cyber, regulatory) through audits, data analysis, and stakeholder interviews.

• Conduct quantitative and qualitative risk assessments to prioritize risks based on likelihood and potential impact.

Monitoring & Reporting

• Monitor the organization's risk landscape and the effectiveness of internal controls.

• Prepare and present regular risk reports and dashboards to senior management and the board of directors.

• Track key risk indicators (KRIs) and trigger alerts when risk levels approach tolerance thresholds.

Mitigation & Strategy

• Develop risk mitigation strategies and action plans; coordinate with department heads to implement corrective measures.

• Advise on insurance coverage, contractual risk allocation, and business continuity planning.

• Lead or support internal investigations regarding risk incidents or control failures.

Compliance & Governance

• Ensure the organization complies with all relevant industry regulations (e.g., [GDPR, SOX, Basel, HIPAA, etc.]).

• Liaise with internal audit, legal, and compliance teams to ensure cohesive governance.

• Stay up-to-date on changes in legislation and industry standards that may affect the organization's risk profile.

Culture & Training

• Promote a culture of risk awareness across the organization.

• Develop and deliver risk management training programs for employees.

Qualifications

Education & Experience

• Bachelor’s degree in Finance, Business Administration, Economics, or a related field. MBA or relevant Master’s degree preferred.

• 3-5 years of experience in risk management, compliance, or internal audit.

• Professional certification (e.g., FRM, PRM, CRM) is highly desirable.

Skills & Competencies

• Strong knowledge of risk management frameworks (e.g., ISO 31000, COSO) and regulatory requirements.

• Proficiency in data analysis and risk modeling software (e.g., Excel, [Specific tools like SAP, MetricStream, or Tableau]).

• Excellent analytical and problem-solving skills with the ability to interpret complex data.

• Strong communication and presentation skills, with the ability to explain complex risks to non-experts.

• High level of integrity and professional ethics.

Skill Required

Development and review of Risk Management Policy, Strategy, and Appetite Statement Implementation of King V principles Application of COSO ERM Framework Public sector risk compliance (Treasury Regulations, DHET frameworks) Facilitation of strategic risk workshops with Council Conducting operational risk assessments with departmental heads Project-specific and compliance risk assessments Fraud risk identification Development and maintenance of Strategic Risk Register Maintenance of Operational Risk Registers (all divisions) Consolidation of project and fraud risk registers Tracking risk treatment plans Preparation of quarterly risk reports for Audit & Risk Committee (ARC) Annual risk reporting for Council Input into Annual Report, ARC Reports, and Audit Action Plans Presentation skills for ARC and management meetings Review and updating of Business Continuity Plan (BCP) Development of Disaster Recovery Plan (DRP) Facilitation of BCP testing and simulation exercises Understanding of Public Finance Management Act (PFMA) Treasury Regulations compliance Identifying and monitoring compliance risks Designing and delivering risk management training for management, Council, and staff Development of training materials, templates, and tools Conducting Risk Culture Surveys Mentoring and implementation support Advising on risk response strategies (avoid, mitigate, transfer, accept) Emerging risk identification Strategic input on governance and internal controls Strategic leadership in enterprise risk management Report writing and presentation to Audit Committees Team supervision and quality assurance Operational risk assessment facilitation Risk register maintenance Compliance monitoring BCP/DRP development support