Full Job Description
This is a hybrid role and would require you onsite in Brentwood 2 days per week.
Role Purpose:
Our client is looking for an IT Risk Management Lead who will be responsible for monitoring IT risks and ensuring that all controls are functioning effectively and routinely.
You will also manage each risk event from identification to conclusion, identifying any weaknesses in the control environment and implementing actions to correct them.
Key Responsibilities and Accountabilities:
* Review and log all IT risks according to the ISO27001 framework, updating the Information Security Management System risk registers accordingly.
* Prepare a monthly report for the CIO highlighting a prioritized set of current risks.
* Develop and maintain a register of all IT controls to ensure they are routinely tested and effective.
* Prepare monthly reports for the CIO to evidence the control environment.
* Work with the second line Risk Function to ensure they have the necessary reporting to assess the IT risk to the organization, including maintaining the Risk and Self Certification Assessment regime.
* Integrate the detailed IT risk management framework with the Risk function’s risk appetite and other metrics.
* Define and agree on IT risk metrics with the Risk function and monitor their effectiveness regularly.
* Manage all risk events in accordance with procedures from the Risk Function, including logging, root cause analysis, and implementing actions to improve controls, with final reporting to the CIO.
* Review remediation plans following risk events and provide assurance post-remediation.
* Review environmental/regulatory changes that may pose IT risks, such as updates to Microsoft Office 365 or other technologies, and assess regulatory-driven changes.
* Collaborate closely with the IT Infrastructure Manager to cover extended periods of absence or holidays.
* Influence the design of IT changes and solutions.
* Oversee the control environment of outsourced IT partners.
* Assist in developing BCP planning and interpreting test results.
* Perform ad hoc duties as required.
Essential Skills and Knowledge:
Technical Skills
* Extensive experience in IT infrastructure/management roles.
* Experience working in Financial Services or regulated environments.
* Proven experience in disaster recovery planning and business continuity.
* Familiarity with regulatory compliance standards such as GDPR and ISO27001.
* Proactive approach to identifying and addressing IT risks.
* Relevant experience in audit and/or risk management roles.
Soft Skills
* Excellent written and verbal communication skills, with the ability to explain complex security issues to non-technical stakeholders.
* Ability to build relationships with internal and external stakeholders and work collaboratively.
* Strong analytical and problem-solving skills.
* Ability to work independently and as part of a team.
* Attention to detail and ability to prioritize tasks.