IT GRC Consultant
Inside IR35 contract - 6 months min.
Day rate - highly competitive
IT Governance Risk and Compliance Consultant is required to join a prestigious financial services organisation with offices in the heart of the city.
Within this role you will work alongside the GRC Lead on a DORA gap analysis project, assessing 60 key systems.
Responsibilities
- Risk:
- Processing day-to-day operational and information security technical IT risks / IT exceptions within the IT Risk Register.
- Assisting the IT risk owner with assessing technical IT risks and documenting remediation plans.
- Establishing formal reporting of technical IT risk within Group IT and to 2nd.
- Assisting with annual Group IT operational risk assessments.
- Compliance:
- Supporting IT control compliance activities, e.g. annual review of IT controls, including assessing the maturity score.
- Assisting IT control owners with the ongoing self-assessment of IT controls to assist with 2nd line permanent control checks.
- Coordinating IT control attestations within Group IT and with third party service providers.
- Governance:
- Assisting with the implementation of the IT risk and IT control management frameworks, and communication within Group IT.
- Conducting governance reviews based on agreed frequencies.
- Documenting IT risk and IT control management processes.
- Supporting formal GRC reporting activities.
Qualifications
Education details
Required Skills
- Significant Information Security Governance, Risk and Compliance experience
- Knowledge of information security risk management frameworks and compliance practices.
- Exposure to and understanding of IT Infrastructure and Business Applications areas.
- Experience of working with Internal and External audit teams.
- Proven ability in working across multi-disciplinary and multi-cultural, diverse environments.
- Excellent written and oral communication skills, with strong interpersonal skills at all levels.
- Knowledge and familiarity with the DORA regulation is desirable.
Preferred Skills
Industry recognised technical certifications such as ITIL, CISSP or similar would be desirable, but not essential.
Pay range and compensation package
£Competitive Day Rate (Inside IR35)
Equal Opportunity Statement
Include a statement on commitment to diversity and inclusivity.