IT Governance and Compliance Analyst
South Africa
Applications have closed
Sendwave
Send money abroad to your loved ones. Fast and secure international money transfers with the Sendwave app. Trusted by one million users around the world.About Zepz
Zepz is the group powering two leading global remittance brands: WorldRemit and Sendwave. Since 2010, we have been disrupting an industry previously dominated by offline legacy players with our relentless focus on reducing the cost of remittances and increasing safety and convenience for our users. Every day, our people work to unlock the prosperity of cross-border communities through finance and technology - driven by our vision of a world that celebrates migrants’ impact on prosperity, at home and abroad.
Our brands helped cross-border communities send over $15bn from 50 countries to recipients in 130 countries in 2022. We operate over 5,000 money transfer corridors worldwide and employ over 1,000 people globally. Zepz is a remote-first employer, with team members located across six continents.
Our vision is to create a world that celebrates migrants’ impact on prosperity, at home and abroad. Our purpose is to unlock the prosperity of cross-border communities through finance and technology.
Our Commitments:
- We act like owners - We are relentlessly delivering for our users and spending money thoughtfully.
- We embrace embarrassing honesty - We function best when we're open and honest with one another — especially about our challenges and doubts.
- We have a bias to action - We get to first outcomes quickly, iterate and learn.
- We strive to be better - We may make mistakes, but always learn from them.
- We are inclusive - to better reflect and serve our users.
About the role:
The role of the IT Governance and Compliance Analyst is to act in support of the development, management, and delivery of the ZEPZ Governance programme with a special focus maturing the overall function of GRC through process and principle adoption that reduces risk, and creates value.
What you will own:
Assist in the implementation of IT Governance, Risk and Compliance solutions in line with the ZEPZ policies and frameworks. Focussing on IT Governance principles and practices.
Assist in the development and implementation IT Governance, policies, processes, procedures, and IT controls in relation to ZEPZ.
Development and implementation of IT Governance Frameworks, IT Controls, recommendations from various assessments and action plans following an appropriate methodology by management's approval that is aligned with international and financial industry standards (e. g. COBIT, ITIL, ISO, NIST, PRINCE II, CMM, etc)
Assist in the maintenance of IT alignment activities, including report submissions, across various governance committees and structures
Include control document reviews, meeting coordination, assessment, finding mediation, assisting control owner with remediation plan development, tracking findings through remediation, progress monitoring, reporting, and escalation
As 1LOD, Assist in the assessment of the current adequacy of the business continuity / disaster recovery plans in conjunction with Risk Management, potential threats to the systems, and then calculate the impact of potential adverse events in line with 2LOD.
Participate in the development, adoption, and compliance of IT governance framework across all areas of business
Perform design and process analysis and control testing for IT business processes that impact IT Governance and other audit and exam assessments.
Facilitate adoption and continuous improvement of planning practices and processes within IT and the business as a whole.
Responsibilities:
Define and develop/deploy enterprise IT policies and controls, processes, performance tracking and dashboards, technology and tools
Ensures organizations’ compliance and its controls’ effectiveness to corporate requirements through proper communication, regular practice check and continuous improvements of policies/process in place
Act as Subject Matter Expert in IT methodologies, policies, etc. He/she will be the steward of IT these artifacts. Practices must align w/ the documented design/policies/process/standards
Assist in defining architecture or a business initiative by providing the appropriate guidance to achieving the organizations’ aspiration i.e design, IT methodologies, process, policies, etc
Coordinates with internal business on technology compliance, audit and regulatory enquiries both internal and external. Represents IT from Information Security, recovery and technology risk perspective. Ensures proper analysis and timely findings/responses/mitigation in a consistent and factual manner; establish & follow the escalation or reporting process.
Drives IT organizations’ performance and proper management of IT initiatives/services through use of tools, facts/data, reports, dashboards, etc.
Ensures up-to-date and effective assets/tools or compliance through regular monitoring, analysis, investigation, strengthening and protection of business technological assets, data, etc
Participates in industry forums and/or consortiums to represent the business interest and set standards/practices
What you bring to the table:
A minimum of three years of information technology governance experience, preferably in a FinTech or similar organization.
Thought process is organised. Has passion for technical writing, structure, control and governance.
Evolved from being an technical IT person to driving IT governance in the organization.
Familiar with ICT Business e.g. Consulting, ManagedServices, CloudServices, etc
Exposed in facets of IT e.g. Projects, Delivery Support, Infrastructure, SW Development
At least 4 years relevant experience in Industry standards for IT Governance and controls frameworks e.g. COBIT, ITIL/ITSM, Project and SW Development, ISO, InfoSec/DataPrivacy, among others
Must have developed and deployed an integrated IT frameworks/methodologies, policies, processes, procedures and templates
Must have introduced efficiency &/or deployed IT tools to operations and projects
Must have performed an IT audit or familiar with Information Security, Data Privacy, Information Systems Audit requirements and other IT risk management or due diligence practices
What we offer you:
Please note that the benefits below will apply to Full-time roles.
We have five core benefits for our talent in the US, UK, Philippines, Poland, and South Africa. If you're not in one of those regions, don’t worry - the Talent team can let you know what is available for you specifically:
-
Unlimited Annual Leave: Most Zepz team members are eligible for unlimited annual leave. Colleagues in customer-facing roles, receive a competitive holiday allowance and four recharge days a year. Feel free to make the most of your time off and maintain a healthy work-life balance!
-
Private Medical Cover: You can opt-in to a Private Medical Insurance scheme. This provides you with access to thorough medical coverage, so you can feel confident in your health and well-being.
-
Retirement: We offer pension schemes to help you plan for and secure your future.
-
Life Assurance: Life assurance is available to give you peace of mind and protect your loved ones in case of the unexpected.
-
Parental Leave: We offer competitive parental leave schemes to ensure you are spending as much quality time with your new bundle of joy as possible.
We are also remote-first as an organisation, offering flexibility for you to work where you need to be most productive. In many locations, we have workspaces, which you can use as you desire. Most roles in the Philippines are predominately office-based, with this we offer free meals for those 100% on-site.
In addition to the above, you will discover that we have a range of secondary perks (such as the cycle-to-work scheme and employee discounts) depending on your location, to help you thrive at Zepz!
Why choose Zepz?
-
Our team of over 1,000 employees is fully distributed across the world. We are working from coffee shops, homes, and co-working spaces — making us one of the larger fully distributed growth-stage startups in the world but we also offer workspace in our talent cluster locations - spaces we can meet, collaborate and connect.
-
We are proud parents, community organizers, farmers, band members, yoga teachers, YouTube influencers, former Olympians, and serial entrepreneurs.
-
We collectively speak over twenty languages, including Akuapem, Amharic, Bengali, Ewe, Fante, Ga, Igbo, Kalenjin, Luganda, Oromo, Somali, Swahili, Wolof, Bulgarian, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hungarian, Irish, Italian, Latvian, Lithuanian, Maltese, Polish, Portuguese, Romanian, Slovak, Slovenian, Spanish and Swedish.
-
At Zepz, embodying our commitments binds us together. We are collectively passionate about striving to achieve our vision and purpose - to continue to provide the best service to our users.
Ready to Apply?
Applications will be reviewed on a rolling basis. If interested, please submit your resume along with a cover letter (optional), highlighting why your experience demonstrates you meet the requirements of the role. Please also indicate the countries in which you have work authorization.
Confidence can sometimes hold us back from applying for a job. But we'll let you in on a secret: there's no such thing as a 'perfect' candidate. Zepz is a place where everyone can thrive.
So however you identify and whatever background you bring with you, and if at all you might need any form of support to make the process as comfortable as possible, please let us know and give us a shot by applying. We want you to be excited to wake up to make an impact every day.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits COBIT Compliance Finance FinTech Governance ITIL Monitoring NIST Privacy Risk management
Perks/benefits: Health care Home office stipend Medical leave Parental leave Team events Unlimited paid time off Yoga
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs