IT Risk and Governance Analyst – London – 3 month contract
We are seeking an analytical mind, with an eye for detail, procedures, and technical acumen, to help the business implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications.
Responsibilities:
1. Assist the implementation of risk identification control strategies: Work with multiple teams to create learning materials, templates, and facilitate workshops.
2. Support horizon scanning exercises: Identify new and emerging risks, collaborate with Legal and Compliance teams to monitor regulatory changes.
3. Manage changes to risk taxonomy: Support updates to reference libraries for technology risk identification and assessment.
Risk and Event Analysis:
1. Review, triage, and analyze internal and external technology issues and risk events; update knowledge bases for organizational learning.
2. Assist in change reviews, Risk Control Self-Assessment exercises, control testing, and deep dives.
3. Support vendor risk assessments, controls assurance, and compliance attestations with Third Party Risk & Assurance Specialists.
Risk Controls and Management:
1. Assist in developing the technology governance framework and controls library; support policy and procedure maintenance.
2. Manage the IT controls library, review change requests, and analyze control performance.
3. Support GRC platform operations, including writing runbooks and implementing feedback for service improvements.
Risk Governance and Compliance:
1. Manage the service interface for Technology Service Governance, including FAQs, demand management, and metrics analysis.
2. Maintain records of governance decisions, policy exceptions, and risk acceptances.
3. Support audits, certifications, and address audit findings.
Reporting & Documentation:
1. Prepare and present reports on technology risk and governance performance.
2. Maintain documentation for procedures, project updates, and client interactions.
3. Develop new risk visualizations to improve communication.
4. Promote learning through awareness campaigns and training.
5. Research new technologies and risk models to enhance services and personal knowledge.
6. Support team learning and development initiatives.
Qualifications and Skills:
* Experience with enterprise technology services, support, or administration, including ITIL and asset management.
* Understanding of enterprise IT environments, cloud computing, cybersecurity, and corporate applications.
* Experience deploying and operating IT controls and procedures.
* Knowledge of IT Governance, Risk, and Compliance frameworks.
* Ability to analyze data and create reports using PowerBI, Tableau, or similar tools.
* Proficiency in scripting automation tasks with PowerAutomate, Python, or similar.
#J-18808-Ljbffr