IT Audit/ Risk Assurance Consultant

IT Audit/ Risk Assurance Consultant
 
Role overview:

We are currently looking for a IT Audit/Risk Assurance Consultant for a contract role providing Technology Risk and Control expertise in various Cyber Security projects for one of our large financial services clients. You will also need to have extensive Audit/ Assurance experience.
 
Start Date: January 2025
Term: 6 months
Location: Hybrid with London Office (3 days per week on-site required).

Key deliverables:
 
  • Perform assurance/validation of project/programme outcomes to agreed timelines and provide updates and reports on findings and progress made. 
  • Regular updates and reports on progress made in Programme to be signed off by CRO or VP Cyber Security Risk. 
  • Support the creation and review of controls ensuring alignment to internal policies and external frameworks e.g. CRI, ISO, NIST, ISAE. 
  • Controls fully aligned to policies and frameworks created and reviewed.  Signed off by CRO or VP Cyber Security Risk. 
  • Ongoing review of control effectiveness. 
  • Support the definition of a Control Library. 
  • Control Library defined and created. 
  • Review the control library, produce a gap analysis identifying implementation gaps and remediation approach. 
  • Independent assurance of control effectiveness. 
  • Leading, facilitating and providing assurance of the RCSA process, method, and outputs. 
  • Regular reviews of RCSA process and outputs. 
  • Support the definition of a risk assessment methodology for projects. 
  • Project Risk Assessment methodology to be defined.
  • Enhancement of ISAE 3000 internal Control Framework through alignment with Control Library. 
  • Preparing relevant submissions into risk governance committees. 
  • Producing procedure documents for risk management and governance. 
  • Ongoing expertise, information, and documentation to be provided to relevant groups and committees in Risk Management and Governance. 
  • Create a Cyber Security Risk Framework aligned to the Enterprise Risk Management Framework and Group Framework. 
  • Cyber Security Risk Framework created and signed off by CRO or VP Cyber Security Risk. 
  • Support the definition and embedding of risk appetite and culture across the organisation.
  • Ongoing help and support on the definition and embedding of Risk appetite and culture. 
 
Key skills required: 
 
  • The ability to fulfil the above deliverables.
  • Extensive experience working as a Risk & Controls Consultant or in a similar capacity.
  • Experience working on Cyber Security initiatives.
  • Technical background.
  • A strong understanding of Controls Testing and Gap Analysis.
  • IT Audit Experience.
  • Assurance Experience.
  • Excellent knowledge of relevant external frameworks e.g. CRI, ISO, NIST, ISAE.
  • Strong written and verbal communication skills.
  • Strong stakeholder management skills.
  • Strong organisation and time management skills.
  • Leadership experience preferred.
  • Recent Financial Services experience essential.
 
Please note this requirement does not support overseas working and will be Inside IR35.
#LI-DNI
 
Contract
11 November 2024
SME
Risk
Apply