Are you ready for your next play? We are bold, respectful, and we deliver, with Impact. Our long-term vision is to raise, deploy and manage funds for climate change mitigation and adaptation that will play a transformative role in our target sectors.

Climate Fund Managers (CFM) is a leading climate-centric blended finance fund manager. We raise and deploy climate finance funds in partnership at scale and at pace. Through its award-winning model, CFM has created a blueprint for a new generation of climate financiers, whose collective impact can help end the climate crisis. CFM currently manages two emerging market infrastructure funds focused on climate change mitigation and adaptation: Climate Investor One, a c. USD 1 billion fund focused on renewable energy, and Climate Investor Two, a c. USD 1 billion fund focused on water, sanitation and oceans infrastructure.

Established in 2015, CFM is a joint venture between the Dutch Development Bank, FMO, and Sanlam InfraWorks, part of the Sanlam Group of South Africa with offices in The Hague, Cape Town, Windhoek, Singapore and Bogota.

Role Summary

This is a hands-on leadership role that owns the entire IT operations and security domain for CFM. The successful candidate will manage and govern our outsourced IT environment (via a Managed Service Provider (MSP)), ensure best practices and continuing compliance with international regulations (including DORA, GDPR, POPIA), and lead improvement initiatives across IT Operations, support, security, supplier management, and operational resilience.

You will act as the single point of accountability for IT Operations, IT Support, IT Security, and related optimisation initiatives across the function.

Key Responsibilities

IT Operations (via MSP)

• Own and oversee day-to-day IT operations delivered by the MSP – infrastructure, end-user computing, cloud services, device management, access management and applications.
• Manage service delivery and enforce SLAs and KPIs across performance, incident management, availability, and change control.
• Lead regular reviews with the MSP to drive service improvement and cost efficiency.
• Govern access management, endpoint management, asset management, and backups.

IT Support

• Ensure high-quality IT support services are available to all staff globally, resolving issues efficiently.
• Monitor and analyse support ticket trends; lead root cause resolution and long-term fixes.
• Champion an excellent end-user experience, collaborating closely with the MSP and internal stakeholders.

Information Management (across CFM SharePoint environment)

• Governance and Compliance: Define and enforce policies for document retention, access control, and data classification to ensure compliance with internal standards and external regulations (e.g. GDPR, ISO 27001).
• Access and Permissions Management: Oversee role-based access controls (RBAC) and audit trails to ensure only authorised personnel can access sensitive or critical information stored on SharePoint.
• Content Lifecycle Management: Implement structured processes for content creation, approval, archiving, and disposal to maintain data integrity and reduce information sprawl.
• Security Monitoring and Incident Response: Monitor SharePoint activity for anomalies or unauthorised access attempts, and coordinate with security teams to investigate and respond to incidents.
• Drive best practice across how SharePoint should be used and kept up to date/relevant

Information Security (IT Sec)

• Develop and maintain the information security policies, standards, and awareness training.
• Oversee cyber threat monitoring, patch management, and security incident response (via MSP and internal controls).
• Conduct internal security assessments and audits; prepare for and support external audits.
• Ensure role-based access controls (RBAC) and secure configuration of systems and tools.
• Be the CISO and DPO for the organisation

Compliance & Audit

• Ensure the IT landscape maintains its obligations under legislation and regulations, including
  • DORA (Digital Operational Resilience Act – EU)
  • GDPR (General Data Protection Regulation – EU)
  • POPIA (Protection of Personal Information Act – South Africa)
• Lead the preparation, execution, and closure of IT and IT security audits.
• Own technical documentation, controls, and risk registers relevant to IT and InfoSec.

Optimisation & Projects

• Drive continuous improvement and optimisation across IT Ops, IT support, IT Sec, and MSP/ICT vendor services.
• Deliver IT-related projects including tooling improvements, automation, onboarding/offboarding, and compliance upgrades.
• Evaluate and implement new solutions in collaboration with stakeholders and the MSP.

Supplier & Vendor Management

• Own relationships with key IT suppliers, especially the MSP.
• Govern contracts, renewals, performance monitoring, and vendor risk management.
• Lead IT supplier reviews and service improvement planning.

Qualifications, Skills and Experience

• Degree in computer science, Engineering, or related field.

• Minimum 5 years’ experience in IT operations and IT security, preferably in financial services or regulated environments.
• Strong experience with IT governance in outsourced environments (preferably with MSPs).
• Demonstrated audit preparation and execution experience for IT Ops and IT Security.
• Deep familiarity with regulatory frameworks such as DORA, GDPR, POPIA, and relevant IT standards (e.g. ISO 27001, ITIL).
• Proven experience managing IT support, cybersecurity operations, and third-party vendors.
• Experience with solutions around Information Management (e.g. SharePoint), CRM, Deal pipeline (e.g. Deal Cloud), portfolio mgmt. (e.g. iLEVEL)., business systems (HR, Finance, payroll)

Technical Competencies

• Proficient in Microsoft 365 ecosystem, cloud infrastructure, identity and access management, endpoint protection, and security tooling.
• Solid understanding of network, endpoint, and SaaS security principles.
• Experience with risk assessments, vulnerability management, and DR/BCP planning.

Soft Skills

• Self-driven, proactive, and delivery-focused, with high integrity and discretion.

• Technical Problem Solver and Strategic thinker with strong analytical and problem-solving abilities
• Manage and Influence stakeholders and drive decision-making at all organizational levels
• Systematically organize stakeholders, activities, timeframes and priorities
• Situational Awareness and effective product and market orientation
• Effective communicator and collaborator across technical and non-technical teams
• Ability to manage projects balancing long-term goals with day-to-day execution
• Commitment to fostering a culture of innovation, accountability, and continuous improvement

Preferred Certifications

• CISM, CISSP, or ISO 27001 Lead Implementer/Auditor
• ITIL Foundation (or higher)
• Prince2, Agile PM, or equivalent project management certifications