Job ID 207145
IT Governance & Risk Analyst
£40-45,000 plus excellent package (PMI, 27 days holiday, quarterly bonus etc.)
A leading financial services organisation has an immediate need for an IT Governance & Risk Analyst.
Why apply for this role?
You will have a real "can do" attitude and a passion for IT & Cyber Risks, enabling you to execute the responsibilities of the role.
Reporting to the eCISO, IT Risk & Governance Manager, you will support the management of governance, controls, cyber, information security, and IT risk.
You will be responsible for ensuring all IT and Cyber risks are identified and proactively managed with regular reviews, mitigation plans and respective performance metrics. You will ensure an appropriate IT Governance Framework is in place and that the respective IT functional heads have the correct IT policies, procedures, standards, RACI charts and practices for conformance with the IT Governance Framework and mandatory legislation and regulations as necessary.
You will play a key role in managing the education and awareness of your colleagues in relation to IT Risk and Cyber.
What you'll be doing
Identify, assess, manage and report on all IT Risks in line with recognised good practice and 2LoD expectations. Ensure that all pre- and post-mitigation impacts are regularly re-assessed, that all published mitigation activities are in place, that all new risks are logged in Heracles within a reasonable timeframe, and that the CIO, IT Leadership Team and relevant business stakeholders have the appropriate visibility.
Deal with or escalate any identified risks in relation to risk policies and/or legislative and regulatory guidelines in accordance with the group risk framework.
Keep current and monitor performance against an IT Governance Framework suitable for the business
Ensure that the IT Leadership Team (ITLT) have effective standards, policies, processes and procedures suitable for the business, that these are regularly reviewed, approved and stored in a central repository for ease of reference and consumption, and that all staff have been appropriately trained in their use
Be the primary IT contact for all audit and compliance enquiries. Ensure that these control functions have appropriate access to the department in accordance with the published audit reporting schedule/plan and monitor and track all associated IT remedial activities to completion and agreed deadlines
Be the primary contact for IT related P3+ incidents and ensure they are logged in Heracles in accordance with group policy. Be the primary contact for Operational Risk to ensure all relevant information is captured in a timely manner.
Support the eCISO, IT Risk & Governance Manager in the definition, maintenance and production of appropriate IT departmental performance reporting (metrics) and relevant alignment with the requirements of HQ in Spain. Ensure adequate action plans are in place for those that are out of appetite and ensure all metrics are uploaded on a monthly basis as per Group requirements.
Design, plan and execute local Ethical Phishing campaigns and ensure the results (of both local and Group campaigns) are followed up on, shared and reported to the relevant people in line with the consequence management process. Publish all results on the local intranet and in relevant forums and committees.
Design, plan and publish relevant and up-to-date cyber awareness articles on the local intranet, ensuring alignment with the wider business.
Plan and execute cyber awareness training for all new starters and for those who need a refresher. Keep a register of those who have participated and follow-up on those who do not attend.
Assist the eCISO, IT Risk & Governance Manager in producing the monthly reporting for all the relevant committees and forums.
What we're looking for
Significant number of years' practical experience in a similar role with demonstrable experience of developing, implementing, managing and monitoring tailor-made controls adapted to the organisation served
Proven experience and ability in dealing with staff at all levels of a similar sized organisation or larger
Excellent written and verbal communications skills
Excellent emotional intelligence, influencing and collaboration skills
Ability to feed back on governance, risk, cyber and compliance issues in a structured manner and adapt good practice to meet the needs of the business
Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives
Ability to adjust to changing priorities while multitasking effectively
Flexible and adaptable; able to work in ambiguous situations
Solid work ethic with attention to detail and commitment to results
Confident and effective problem solver and decision maker
The successful candidate will have industry-standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ITIL.
What we offer
We have a range of benefits available which include:
Depending on experience, the salary will be around £35k to £40k
* £500 flexible benefits allowance
* 27 days holiday per annum, plus bank holidays.
* Pension contribution. Minimum 3% with an employer matched contribution.
* Corporate rates for private medical insurance and other insurance products
* Employee assistance programme
* Enhanced family friendly policies
* Sharesave scheme
* Childcare vouchers
* Discounts on high street brands
* Local retail discounts
TLP Consultancy Ltd is acting as an Employment Agency in relation to this vacancy