| Government Entity | gpaa |
|---|---|
| Location | Gauteng, Pretoria |
| Reference Number | DD/IT-RISK/2026/07-1P |
| Salary | R932,292 – R1,098,195 per annum (All-Incl.) (Level 11) |
| Centre / Location | PRETORIA HEAD OFFICE |
| Closing Date | July 17, 2026 |
| Source and Application | gpaa.gov.za |
ICT — PRETORIA HEAD OFFICE (Permanent, 1 post(s))
The purpose of the role is: to drive the development, implementation and support of IT best practice standards and ensure compliance to deliver secure and reliable systems.
Duties:
The successful candidate will be responsible for: Manage the optimal information communication technology security processes. Implement IT Security and standards in alliance with all stakeholders (SITA, Service Providers etc.) Develop IT security requirements specifications. Monitor the maintenance of security breach records. Monitor IT security compliance in all areas. Manage disaster prevention and recovery processes and backup. Implement all IT procedures, standards and policies on procurement of IT equipment. Monitor and evaluate the management and functioning of IT operations. Assess the reliability of existing IT controls against the required standards. Monitor the IT systems and controls in order to identify potential risks. Evaluate identified IT risks and escalate the awareness. Communicate with all stakeholders on a regular basis with regard to identified risks. Provide awareness sessions to all staff. Conduct regular IT security systems audit. Develop, maintain and communicate the GPAA IT risk management strategy to maximise awareness and compliance. Develop and implement IT risk management strategy that meets organisational objectives and aligns with GPAA’s overall strategy. Measure the effectiveness of risk preventative strategies on an ongoing basis and make recommendations to review and amend the strategy appropriately. Report back to key internal stakeholders at regular intervals to ensure that strategy is fit for purpose. Conduct risk awareness sessions relating to IT. Monitor system security and information ownership. Monitor patch management of systems, anti-virus and applications. Ensure the upgrading of IT security anti-virus software. Monitor system logs for breaches of security and initiates remedial actions. Monitor the adherence of security standards by all stakeholders.
Requirements:
A relevant 3-year National Diploma/Degree in Risk Management/Information Technology or equivalent qualification (at least 360 credits). Minimum six (6) years appropriate experience in ICT risk/ relevant environment with 3 years in management or middle management experience. Computer literacy which includes a good working knowledge of Microsoft Office products. Knowledge of Risk Management Frameworks (COSO, ISO31000 and ISO22301). Knowledge of IT Management & Governance Frameworks (COBIT, PRINCE 2). Knowledge of IT Management and Governance Frameworks (COBIT, PRINCE2). Knowledge of Corporate Governance (King IV). Knowledge of Barnowl system. Knowledge of Public Service Regulations & other Government prescripts. Knowledge of Prescribed Regulations, Policies, PFMA, TR. Analytical and problem-solving skills. Business Ethics. Communication skills both written and verbal. Presentation skills. Planning and organizing skills. Problem solving skills. Assertive. Approachable and innovative. Team player.
Requirements
A relevant 3-year National Diploma/Degree in Risk Management/Information Technology or equivalent qualification (at least 360 credits). Minimum six (6) years appropriate experience in ICT risk/ relevant environment with 3 years in management or middle management experience. Computer literacy which includes a good working knowledge of Microsoft Office products. Knowledge of Risk Management Frameworks (COSO, ISO31000 and ISO22301). Knowledge of IT Management & Governance Frameworks (COBIT, PRINCE 2). Knowledge of IT Management and Governance Frameworks (COBIT, PRINCE2). Knowledge of Corporate Governance (King IV). Knowledge of Barnowl system. Knowledge of Public Service Regulations & other Government prescripts. Knowledge of Prescribed Regulations, Policies, PFMA, TR. Analytical and problem-solving skills. Business Ethics. Communication skills both written and verbal. Presentation skills. Planning and organizing skills. Problem solving skills. Assertive. Approachable and innovative. Team player.
Duties
The successful candidate will be responsible for: Manage the optimal information communication technology security processes. Implement IT Security and standards in alliance with all stakeholders (SITA, Service Providers etc.) Develop IT security requirements specifications. Monitor the maintenance of security breach records. Monitor IT security compliance in all areas. Manage disaster prevention and recovery processes and backup. Implement all IT procedures, standards and policies on procurement of IT equipment. Monitor and evaluate the management and functioning of IT operations. Assess the reliability of existing IT controls against the required standards. Monitor the IT systems and controls in order to identify potential risks. Evaluate identified IT risks and escalate the awareness. Communicate with all stakeholders on a regular basis with regard to identified risks. Provide awareness sessions to all staff. Conduct regular IT security systems audit. Develop, maintain and communicate the GPAA IT risk management strategy to maximise awareness and compliance. Develop and implement IT risk management strategy that meets organisational objectives and aligns with GPAA’s overall strategy. Measure the effectiveness of risk preventative strategies on an ongoing basis and make recommendations to review and amend the strategy appropriately. Report back to key internal stakeholders at regular intervals to ensure that strategy is fit for purpose. Conduct risk awareness sessions relating to IT. Monitor system security and information ownership. Monitor patch management of systems, anti-virus and applications. Ensure the upgrading of IT security anti-virus software. Monitor system logs for breaches of security and initiates remedial actions. Monitor the adherence of security standards by all stakeholders.
Source / Circular Reference
gpaa.gov.za