Our client has an exciting opportunity for an experienced IT Risk Analyst to join their team based in Guildford for an initial 3 month contract
The overall objective of the role is to assist senior IT management in the implementation and management of Enterprise IT Risk Management. The implemented IT control environment will support compliance to regulatory standards and guidelines that impact IT.
The IT Governance team has the responsibility and oversight of the definition and implementation of an over-arching IT control framework, ensuring alignment and adherence to the Group ICOFR controls; performance of 'top down' and 'bottom up' risks assessments and coordinating supplier oversight.
This role requires a high level of personal self-drive in contributing to programmes involving:
- Operation of an IT Risk Management Framework;
- Definition and assessment of IT controls governing IT applications, infrastructure operations and key IT processes;
- Conduct risk assessments to a defined and consistently applied methodology to satisfy internal and external requirements;
- Monitoring risk management processes and collaborating with all areas for any required remediation;
- Operational implementation of risk based control process & practice improvements including action capture, tracking and reporting;
- Support of the IT Risk responses through the IT Risk Committee and the IT delivery of the UK and Group Risk programmes;
- Review and process continual improvement of documented IT processes from a risk perspective;
- Support of the IT Risk input to Assurance reviews/due diligence by external partners;
- Support and oversight of IT responses to internal and external audit;
- Ensure an appropriate level of risk oversight is provided over outsourcing partners and other strategic suppliers, in particular the infrastructure and operational services provider, as required by the Regulator and Group Standards.
Technical Skills & Experience
- An excellent understanding of IT Risk Frameworks and their implementation.
- Proven experience of using the COBIT5 control framework.
- Experienced in conducting IT risk assessments.
- Sufficient knowledge of IT processes and technical platforms to be able to interface credibly and effectively with IT technical personnel.
In particular: exposure to best practices including ITIL, PRINCE 2, Agile and ISO27001, IT Operations, IT Change or development project experience, IT control design, implementation and testing experience
- Strong organisational and interpersonal skills are essential.
- Strong stakeholder management and influencing skills are essential.
- Flexible and mature approach to managing own work and assessing priority.
- Ability to work without direct supervision.
- Excellent documentation and written communication skills including experience at process documentation.
- A good understanding of process & control design and re-engineering principles.
- Proven success in working with IT management, key stakeholders and staff using reports, presentations and face to face meetings to gain buy in to proposals for process and control improvement.
- Educated to Degree level or equivalent
- IT Governance qualifications preferred (CRISC, CGEIT)
- Advanced Office tool skills (Excel, Powerpoint, etc.)
- 'Can do' attitude
- Methodical and structured approach
- Good team player