Technology Cyber Risk & Controls - Legal Entities - Insurance
We are currently recruiting for a Technology Cyber Risk & Controls SME with strong legal entity reporting and regulatory experience to join one of our Global Insurance clients on a 6-month contract.
Please note the role is Inside IR35 and mostly remote working.
Responsibilities:
1. Assess existing technology and cyber controls for design effectiveness, risk alignment, and regulatory compliance.
2. Rewrite and standardise controls to be clear, testable, risk‑aligned, and regulator‑ready.
3. Map controls to material technology and cyber risks, risk appetite, and tolerances.
4. Work directly with control owners to agree ownership, embed controls, and clarify evidence expectations.
5. Rationalise controls to remove duplication and address gaps.
6. Support legal entity level control views, reporting, and regulatory attestations.
7. Deliver control enhancements aligned to DORA and operational resilience requirements.
8. Support control testing, issue remediation, and audit/regulatory engagement.
Experience required:
9. Frameworks: NIST, ISO 27001, COBIT (practical application).
10. Strong understanding of risk‑to‑control mapping.
11. Experience working with GRC tools.
12. Strong experience delivering technology and cyber control improvement or remediation programmes.
13. Proven hands‑on background in technology and cyber risk management; control design, rewrite, and assessment; and IT General Controls and cyber security domains.
14. Experience working in regulated or financial services environments.
15. Demonstrable exposure to legal entity reporting and regulatory obligations.
16. Practical experience supporting DORA or equivalent ICT/operational resilience regulation.
Guidant, Carbon60, Lorien & SRG - The Impellam Group Portfolio are acting as an Employment Business in relation to this vacancy.