IT Risk, Governance & Cyber Analyst
Our client, based in Redhill, are an exceptional financial services organisation who operate globally – they are looking for an experienced IT Risk, Governance & Cyber Analyst.
The purpose of this role is to support the IT Risk & Governance Manager with managing IT Risk, governance, controls and cyber security.
The job holder is responsible for ensuring that all IT and Cyber risks are identified and proactively managed with regular reviews, mitigation plans and respective performance metrics. Additionally, you will:
- Ensure that all Controls are tested at least annually
- Ensure an appropriate IT Governance Framework is in place for the business and that the respective IT functional heads have the correct IT policies, procedures, standards, RACI charts and practices for conformance with the IT Governance Framework and mandatory legislation and regulations as necessary
- Support the delivery of employee education and awareness relating to IT Risk and Cyber Security
Salary: GBP40,000 – GBP45,000
Location: Redhill/hybrid working (1 – 2 days in the office)
Hours: Monday to Friday, 9am to 5pm
Benefits that include: 27 days holiday per annum, plus bank holidays / Pension with generous contributions / Private medical cover / Voluntary healthcare benefits at discounted rates / Voluntary benefits allowance of GBP500 per annum and much more
Your responsibilities will include:
- Identify, assess, manage, and report on all IT Risks in line with recognised good practice and 2LoD expectations. Ensure that all pre- and post-mitigation impacts are regularly re-assessed and that all published mitigation activities are in place.
- Perform control testing throughout the year to ensure all controls are tested at least annually. Ensure they have any required action plans in place and all evidence is stored in a central repository.
- Perform gap analysis against all new and updated internal policies and ensure appropriate action plans are put in place to address any gaps.
- Keep current and monitor performance against an IT Governance Framework suitable for the business.
- Support other team members with audit and compliance enquiries
- Be the primary contact for IT-related P3+ incidents and ensure they are logged in accordance with group policy. Be the primary contact for Operational Risk to ensure all relevant information is captured and reported in a timely manner.
- Design, plan and publish relevant and up-to-date cyber awareness articles on the local intranet.
Do you have the required skills & experience?
- Proven practical experience in a similar role with demonstrable experience of developing, implementing, managing, monitoring, and testing tailor–made controls adapted to the organisation served.
- Proven experience and ability in dealing with staff at all levels of a similar sized organisation or larger.
- Excellent written and verbal communications skills.
- Excellent emotional intelligence, influencing and collaboration skills.
- Excellent presentation skills to enable effective delivery of Cyber awareness training.
- Ability to feed back on governance, risk, cyber and compliance issues in a structured manner.
- Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives.
- Ability to adjust to changing priorities while multitasking effectively.
- Flexible and adaptable; able to work in ambiguous situations.
- Confident and effective problem solver and decision maker.
- Solid Microsoft Excel skills to enable the creation and production of regular complex reporting for key stakeholders.
- Industry standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ISO2700X, ITIL are essential.
For your information:
Interested? Please send your CV in Word format only.
Please only apply if you are already eligible to work in the UK (indefinitely & without sponsorship).
Not for you but you know someone suitable? Take advantage of the YourRecruit paid referral fee
Due to the large numbers of responses we receive, despite our best efforts it is not possible to respond to every application. Therefore, only short–listed candidates will be contacted for this particular role and if you haven't heard from us within 7 days please assume you have been unsuccessful on this occasion. Please feel free however to apply for further roles and we will certainly keep your details on file and contact you with suitable vacancies.
YourRecruit IT Ltd does not discriminate on the grounds of age, race, gender or disability and complies with all relevant UK legislation.
To stay safe in your job search we recommend that you visit JobsAware, a non–profit, joint industry and law enforcement organisation working to combat job scams. Visit the JobsAware website for information on common scams and to get free, expert advice for a safer job