We are currently looking for a IT Risk and Controls specialist to join an existing team providing technology risk & controls guidance and improvement to a major programme within a large financial services organisation.
Candidates will have a mix of the following skills:
- Technology Audit & Risk
- IT Audit
- Technology Risk & Controls Assurance
- Cloud Associated Risk
- Cyber Resilience
- InfoSec Consulting
- Operational Risk
- Analysing RCSA results
- IT control testing
- IT Risk Assessment
- Risks & Controls design & embedding
- RCSA review & challenge
- Policies, Standards, Procedures definition & implementation
- COBIT, ISO
Responsibilities for the role will include:
- Contribute and review modifications and solutions for Risk Transfer delivery work components
- Assist creation of plans to limit impact of platform restructure work across business units
- Assist scoping, defining, planning and traceability of Risk Transfer solutions
- Contribute to delivery artefacts
- Contribute to project Working groups, workshops and other governance forums as needed
- Demonstrate ‘fit for purpose’ Business Analysis controls are in place to effectively support delivery of projects within the Programme
- Provide evidence that ‘user experience’ has been catered for in all projects in scope.
- Provide risk and control framework expertise to the embedding and maturity assessment of the risks.
- Provide specialist support on the Data Policy risk maturity and embedding.
- Facilitate senior and SME workshops and provide evidence on progress
- Identify gaps against existing risks and controls and support the creation of updates
- Provide specialist support on the Data Policy risk maturity and embedding.
- Effectively identify, analyse and review risks within Cyber and use risk management skills to support the business with managing their risk landscape.
- Prepare and interpret risk management output, with insight and information from multiple sources, making recommendations to senior stakeholders to support with influencing decisions and behaviours in assigned business areas.
- Evaluate controls effectiveness and review key business activities, reviewing results to provide reliable, assessment of risk management and agree management actions with senior IT/business stakeholders to address issues highlighted.
- Identify and progress opportunities to improve/enhance the delivery of mitigating controls and risk remediation.