We are currently looking for a Governance, Risk and Compliance specialist to join an existing team with one of our financial services clients.
The role will be to design and plan the implementation of a technology and information / cyber security control framework for the organisation. The role sits within a Technology, Risk and Assurance Team and will report into the Technology Assurance Manager.
Duties and Responsibilities
- Design of approach / methodology for a technology and security control framework. The framework must be aligned to Group Policy, minimum standards and industry best practice frameworks (e.g. ISF, COBIT, NIST etc.), in addition to SOX.
- Develop the control framework model (control mapping), including key control data points (e.g. control objectives, descriptions, owners etc.), mapped to the new risk taxonomy (as part of Risk TOM).
- Design and agree an implementation plan to iteratively roll out the control framework across EUI UK Technology and Security.
- Design and agree processes for the ongoing maintenance of the framework, control testing and attestation.
Skills and Experience
- Working in 1st, 2nd or 3rd lines of defence designing and / or testing controls
- Designing, implementing and operating technology and security control frameworks.
- SOX control framework implementation
- Cloud Assurance
- Financial Services