IT Risk and Governance Analyst – High Wycombe – 3 month contract
We are seeking an analytical mind, with an eye for detail, procedures, and technical acumen, to help the business implement and run a new IT risk management framework. This is a role supporting both a Technology Transformation Programme and maintaining oversight of current operational technology and applications.
Responsibilities include:
1. Assist in implementing risk identification control strategies, working with multiple teams to create learning materials, templates, and facilitate workshops.
2. Support horizon scanning exercises to identify emerging risks, collaborating with Legal and Compliance teams on regulatory changes.
3. Manage changes to risk taxonomy and reference libraries for technology risk assessment.
Risk and Event Analysis:
1. Review and analyze internal and external technology issues and risks, updating a knowledge base for organizational learning.
2. Assist in change reviews, Risk Control Self-Assessment exercises, control testing, and deep dives.
3. Support vendor risk assessments and controls assurance with third-party risk & assurance specialists.
Risk Controls and Management:
1. Develop and maintain the technology governance framework, policies, standards, and procedures.
2. Manage the IT controls library, reviewing change requests and analyzing control performance.
3. Support GRC platform operations, including writing runbooks and improving service design.
Risk Governance and Compliance:
1. Manage the service interface for Technology Service Governance, including FAQs and metrics analysis.
2. Ensure accurate record-keeping of governance decisions and support audit processes.
Reporting & Documentation:
1. Prepare reports on technology risk and governance performance.
2. Maintain documentation for processes, project updates, and audits.
3. Develop new risk visualizations and promote awareness campaigns.
Qualifications and Experience:
* Experience with enterprise technology services, ITIL, and asset management.
* Knowledge of cloud computing, cybersecurity, and enterprise applications.
* Experience deploying IT controls and understanding of GRC frameworks.
* Proficiency in data analysis and reporting tools like PowerBI or Tableau.
* Ability to automate tasks using PowerAutomate, Python, or similar.
#J-18808-Ljbffr