IT Risk & Assurance Analyst
Business Area: IT
Place of Work: Liverpool
Contract Type: Fixed Term Contract
When you join USS, the size and scale of our pension scheme means you will have numerous opportunities to learn and develop your career. Given our size you'll have real autonomy and influence as you collaborate closely with a wide-ranging team of experts.
Our office is a vibrant place to work, and we offer flexibility of office/homeworking due to our hybrid model.
About the role
In your role as IT Risk & Assurance Analyst you will make a meaningful and valued contribution from the outset. This role will provide a great opportunity to implement and operate a 1st line assurance function, ensuring that there is increased oversight on demonstrating the effectiveness of the IT systems & controls.
Additionally, you will be responsible for identifying any control gaps and taking collective action to resolve, and with a focus on monitoring and evidencing these controls through reporting into various Committees and regulatory bodies.
What you will be doing
As a trusted part of the IT you will be responsible for:
1. Acting as the Risk Champion for ITFM
2. Acting as the single point of contact for the coordination of all Audits within IT, engaging with the appropriate IT functions to oversee the gathering of evidence
3. Tracking and reporting of IT Audit actions. This includes the EY audit that is conducted annually
4. Overseeing and coordinating of the IT Disaster Recovery plan, engaging with the appropriate IT resources and scheduling the tests with communication to the business
5. Ensuring IT recovery runbooks are documented and periodically reviewed
6. Ensuring that IT operational business continuity plans are documented and reviewed by IT Management
7. Policy Management – ensuring that IT Policies are reviewed and updated annually in line with review dates and ensuring key controls are accurately reflected within the policies
8. Ensuring documentation and evidencing of the IT Control framework, ensuring policies and procedures are documented and updated, and ensuring controls are reviewed as new technology is implemented
9. Establish a robust assurance framework that provides IT Management with the required comfort and oversight that IT controls are operating effectively and that we continue to operate within our risk appetite tolerance
10. Conducting independent testing and validation of key IT and Policy controls with appropriate evidencing and reporting to IT Management
11. IT Policies – undertaking testing and validation of the controls documented in the IT Policies. Maintaining the IT Policy control framework that has been developed, which details all of the controls stated within Policies, the reporting and evidence, the change management to any controls and procedures
12. Responsible for the production and oversight of regulatory reporting, including the annual AAF attestation, SMCR reporting to the USSIM COO, KRI assurance reporting, reporting to the BC&GCC Committee of the IT Controls
13. Independent assurance over IT teams’ procedures, controls and process maps
14. Responsible for drafting updates for various Committees such as Audit Committee, Pensions ExCo on IT Infrastructure and controls
About you
We know that sometimes people can be put off applying for a job if they don't tick every box, if you're excited about working for us and have most of the skills or experience we're looking for, then please apply, regardless of whether you meet all the requirements outlined in this profile.
To be successful in the role you will have:
15. Analytical skills and ability to interpret data and present findings
16. Good relationship and stakeholder management skills, with focus on customer service and attention to detail
17. Experience in implementing and operating a risk or control framework would be desirable, together with testing the effectiveness of controls
18. Experience and demonstrate as working as part of a team
19. Experience of working with third party companies/suppliers
20. Strong communication skills (written, pictorial, presentational and verbal) including the ability to adapt communications to different audiences
Why join us?
How we will reward you
21. Great starting salary
22. Generous annual leave package
23. Access to a high quality pension scheme provided through Universities Superannuation Scheme
24. Supportive people policies (including enhanced occupational sickness pay and family friendly pay)
25. Financial contributions towards your personal development to help you maintain your physical and mental wellbeing
26. Access to a range of health and wellbeing services i.e., private healthcare, discounted gym membership
27. Learning and development opportunities to develop your skills, knowledge and talent
28. Employee Volunteer Day’s to support the communities where you work and live
29. Cycle to Work Scheme
Our culture and values
Our people are what makes us different. We work together to create a diverse and inclusive culture that embraces individuality, where people are welcomed and feel comfortable in the knowledge that they can be themselves. Our purpose firmly states the importance of members, putting them ‘front and centre’ of what we do. This is embedded through our values:
30. Integrity
31. Collaboration
32. Excellence