About The Role
HomeServe are currently recruiting for aRisk & Control Analyst to join the Technology & Change team in Walsall. The ideal candidate will have an analytical background and a good understanding of risk controls. You will have a curious nature and be eager to learn new skills, as well as be able to demonstrate that you can work well under pressure.
We work in a hybrid way, with a requirement to travel into our Walsall office at least twice a week to work with the team. With that in mind you will be located within a convenient commute to Walsall.
The Technology Risk and Control Analyst is responsible for and maintenance of the Technology and Change control frameworks to ensure adherence to regulatory standards and alignment with organisational goals. This role involves evaluating existing controls, identifying risks, and providing recommendations to strengthen IT processes while supporting audits and ensuring the effectiveness of IT governance.
Principle Accountabilities
Collaborate with IT and business teams to manage and evidence ITGC (IT General Controls) in Technology systems, processes, and projects.
Undertake and evidence testing of Technology, Change and Cyber controls aligned with frameworks including NIST, SOX, and PCI DSS.
Maintain an up-to-date record of Technology, Change and Cyber controls, including process flow diagrams, risk matrices, and control narratives to demonstrate adherence to regulatory and corporate requirements.
Conduct regular assessments of Technology, Change and Cyber systems and processes to identify risks and gaps in the existing controls framework.
Undertake regular controls design and operational effectiveness assessment and operations, detailing outcomes including gaps in the controls requiring action and remediation to manage risks.
Provide support to Technology and Change teams to produce evidence for internal/external auditors during audits.
Support audit activities and compliance reviews by assessing evidence to be submitted, review findings, and monitoring and tracking the implementation of corrective actions through to completion.
Generate reports and dashboards for stakeholders to communicate the status of Technology, Change and Cyber controls, risks, and findings.
Participate in departmental risk reviews.
Provide training to Technology & Change and business stakeholders on Technology, Change and Cyber control frameworks and risk management requirements when required.
Promote a culture of accountability, ownership, and risk awareness within the organisation.
Provide governance oversight to the IT resilience testing programme.
Support teams across Technology, Change and Cyber with IT resilience activities update templates and provide coaching when required.
About The Candidate
To be successful in this role we expect our people to have the ability to balance both delivery and be part of our culture and behaviours. You will therefore be someone who:
has demonstrable experience in the operation of technology and cyber risk and compliance activities.
has a good level of understanding of technology more generally and can both understand and challenge where appropriate.
is comfortable working with ambiguity and always seeking opportunities to change the status quo.
has a methodical detailed and logical approach to reviewing activity and delivering reporting.
provides high-quality and tested solutions.
can take the initiative and works well as part of a team.
strong data analysis and reporting.
Experience of auditboard and saleforce GRC would be an advantage but not essential.
TPBN1_UKTJ