Job Description
This job is with St. James's Place, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.
The role:
Collaborating with the Head of Service Management and Controls, the main purpose of the role is to contribute to the identification of Technology risks and assessment of associated controls that ensures St. James's Place information assets are appropriately protected in line with the company's risk appetite and the expectations set by the company's regulators.
What you'll be doing:
* Support the identification and assessment of technology related risks across SJP and its Partnership.
* Support the identification and assessment of the key controls operated across the technology division.
* Provide risk advice and challenge to the wider organisation on key information and technology projects and initiatives.
* Develop a program of activity to test local technology controls as required.
* Maintain and develop the departmental reporting of risk and controls related management information.
* Undertake assessments of current and potential suppliers technological and information security control environments in support of our approach to supplier management.
Who we're looking for:
A personable and excellent communicator, and outstanding problem solving skills and techniques. Excellent attention to detail and a proactive and collaborative approach to work.
Essential Criteria
* Ability to assess risk relating to IT systems, processes and controls
* Can successfully assess problems and suggest ways to deliver an appropriate solutions
* Excellent communications skills across all levels and ability to work closely with others
* Experience within the Financial Services environment would be advantageous or be able to identify and understand the challenges this may present
Desirable Criteria
* Knowledge of methodologies and frameworks such as COBIT, ISO27001 and ISF would be useful but not a necessity for the role
* An understanding of the UK's data protection requirements