Location: Stellenbosch, ZA
Company: Capitec Bank Ltd
Why this role matters
We’re strengthening our IT risk capability to support how we build, deliver and scale technology. This role plays a key part in helping us move fast without losing sight of risk, control and accountability. You’ll lead a team that provides independent insight and challenge across information, technology and project risk. Your focus will be practical risk management — helping teams make better decisions, not slowing them down. If you’re a people leader who enjoys partnering with senior stakeholders and turning risk into clear, usable guidance, this role is for you. This is a vibrant, fast-paced environment where you can use technology to support risk services. You’ll have valuable opportunities to work with Group IT Risk Management, executive leadership, and regulatory bodies.
What you’ll do
This role will assist in leading our IT Risk Management function and help embed strong, consistent risk practices across our technology environment.
Your responsibilities will include:
- Providing independent oversight, advice and challenge on information, technology and project risks
- Leading risk identification, assessment and treatment across technology platforms and projects
- Performing and guiding risk and control assessments, including third‑party and supplier risk
- Building a strong risk culture by improving awareness, engagement and consistency
- Turning the function’s business plan into clear priorities, practical processes and measurable outcomes
- Leading and developing a team (minimum four direct reports) through coaching, feedback and performance management
- Contributing to governance and assurance through clear reporting, insight and stakeholder engagement
What will help you stand out
- A Bachelor’s Degree in Information Technology or a related field
- Professional certifications such as CISM, CISA, CISSP or CRISC
- Banking or financial services experience, including exposure to BCBS‑239 principles
- Experience with continuous auditing or technology assurance practices
Knowledge of:
- Cyber security and cloud platforms (e.g. AWS, Azure or Google Cloud)
- Data management and governance
- Analytics and model management
- Core banking systems and technology operations
- Incident response and recovery
- Software development life cycle
- Software engineering and architecture
- Data analytics relevant for risk management
- Artificial Intelligence and Generative AI
- Software engineering and architecture
- Data analytics relevant for risk management
- Artificial Intelligence and Generative AI
Minimum Experience
- A Bachelor’s Degree in Information Technology or a related field
- Minimum of 7+ years’ experience in IT risk, information risk, technology controls or information security risk
- Experience conducting risk and control assessments
- Working knowledge of recognised risk and control frameworks (for example COBIT, ISO, COSO, ISF, DAMA, DM‑BOK)
- A basic understanding of agile ways of working and project delivery
- Proven people management experience
- Strong communication, decision‑making, problem‑solving and reporting skills
Qualifications (Ideal or Preferred)
- Bachelor’s Degree in Information Technology
- Certification in Information Security or Risk Management
Conditions of Employment
- Clear criminal and credit record
Skhumbuzo Shandu is the founder of Careers With Shandu, a platform dedicated to helping South Africans access job opportunities, learnerships, and career development resources.
He focuses on sharing clear, practical, and up-to-date information to help matriculants, graduates, and job seekers navigate applications and build their careers.
Through his work, he aims to make opportunities easier to understand and accessible to everyone, especially young people entering the workforce.
