IT Governance and Risk Analyst

IT Governance and Risk Analyst

The IT Governance and Risk Analyst will support the Head of IT in maintaining and supporting all aspects relating to IT Governance, Risk, Security and compliance within this London based Shariah compliant challenger Bank.

The individual will be required to ensure that the appropriate IT Governance Framework is in place by working and supporting the respective areas within the IT department to ensure that they have the correct policies, procedures, reporting, and standards in place. The IT GRC Analyst will be working closely with the IT Infrastructure, Development and Security teams to establish a common IT GRC framework.

Key responsibilities

• Primary contact in assisting in performing periodic reviews relating to IT by audit, risk, and compliance team.
• Assessing and maintaining IT controls defined in Policies and Standards.
• Assessing and documenting IT risks.
• Raising exceptions and defining remediation plans with risk owners.
• Assisting in establishing and maintaining IT governance frameworks such as ISO27001:2022 to encompass the technology across the Bank.
• Maintaining and improving formal reporting (MI) of IT governance & security activities.
• Monitoring of day-to-day IT operational & security risks / policy exceptions within the IT Risk Register.
• Analysing critical incidents and reporting them in the Operational Risk reporting system.
• Suggesting control improvements to increase maturity and the overall security posture.
• Coordinating IT control attestations within the IT department and with third party service providers.

Key Skills required

• Experience Information Security Governance, Risk and Compliance or IT Audit experience.
• Experience of analysing and communicating IT related incidents both internally and 3rd parties.
• Knowledge of information security risk management frameworks and monitoring tools.
• Exposure to and understanding of IT Infrastructure including cloud based systems and Business Applications areas, i.e. Azure and Microsoft 365
• Industry recognised technical certifications such as ITIL, CISSP, CISM or similar.

Additional Details

• We offer highly attractive reward package; the typical benefits include:
• 25 days holiday entitlement increasing with service
• Pension Plan
• Private Medical Insurance
• Dental Cover
• Income Protection
• Life Assurance
• Employee Referral Bonus