Job Description

We are looking for an IT Governance and Risk Analyst to work under the guidance of the Head of the OCIO, joining the IT team as someone who is passionate about Risk, Compliance and IT Assurance. You are responsible for managing the risk and governance of IT, pulling this information together across the function and empowering the Head of the OCIO's accountability for it.

Responsibilities:

  • Ensure in-depth knowledge and understanding of IT Risk Management practices as you collate, manage and coordinate these across the IT reports. You are the first line of contact to interface with IT and business stakeholders for IT risk management
  • Establish and maintain strong relationships with stakeholders in IT teams, Business Operations and Enterprise Risk Management
  • Create a working balanced scorecard (BSC) that tracks performance against the agreed IT strategic aims; this will be crucial as you liaise with contributors across IT towards it
  • Build a single BSC that allows your contributors to pool together information and data into a single report rather than having to deal with multiple tools
  • Automate your BSC as the input data is processed into digestible management information (MI), to reduce work effort
  • Coordinate key regular IT leadership team meetings geared towards assessment of the health and risk topology of the function, determining and holding action owners to account
  • Maintain a regular dialogue with Information Security and Internal audit, as you monitor and understand impacting risks, compliance needs and requirements from these areas. Facilitate all engagement between the IT stakeholders and the Risk, Compliance and Audit teams
  • Coordinate review of existing Issues and Incidents, along with actions, to ensure they are being managed in line with the Risk Management Strategy and Standards
  • Support the Head of the OCIO in executing IT Risk and Control Assurance activities and undertaking IT controls testing, and in embedding sound IT risk practices across the department. You will provide guidance and support, and coordinate completion of IT Risk and Control Self-Assessments
  • Coordinate with the IT stakeholders to ensure all policy exceptions/risk acceptances are managed in accordance with an Enterprise Risk Management Strategy and Standards
  • Maintain awareness of key IT projects/programmes and provide input to help the IT Portfolio Manager ensure that IT risks are identified and appropriately managed
  • Source and validate the risk and control indicators and measures from the risk and control owners
  • Critically evaluate information gathered from multiple sources, reconcile conflicts, decompose high-level information into details, abstract up from low-level information to create a clear understanding and identify IT risk-related trends
  • Support the Head of the CIO Office in the production of Divisional IT Risk Reporting and Dashboard
  • Escalate significant risks and issues as they emerge, to the Head of the OCIO for action or information
  • Support the IT Portfolio Manager in setting up and applying PMO processes for IT projects (including support training and development specific to program delivery process), and input & alignment to the wider TM project & programme governance processes set up (e.g., PRB, the new BDA etc.)
  • Have a deep understanding of agile, to appreciate how the teams reporting to you will work, yet an ability to be structured and detailed with their contributions

Experience:

  • 5+ years of experience in IT Governance and Assurance, implementing IT governance and compliance within best practice frameworks
  • Working knowledge of risk and compliance assurance and monitoring practices, and a good understanding of risk and compliance issues
  • An ability to handle day-to-day risk management such as weekly meetings, recording and oversight, and to facilitate small workshops as required
  • Strong knowledge of IT processes and working within an IT team
  • An appreciation of Information Security standards, compliance and risks that exist within the insurance industry
  • Understanding of the audit process, having worked with Audit (internal & external) in the past
  • An aptitude for working in a regulated environment
  • Excellent verbal, written communication, and presentation skills, being able to explain complex items in a simple yet articulate manner
  • Ability to understand and interpret financial data
  • Excellent stakeholder management skills
  • A confidence in presenting information and acting as a source of knowledge and guidance
  • Analytical, conceptual thinking, planning and execution skills
  • Demonstrated ability to drive improvements and take charge of initiatives, backed with excellent coordination strength as well as assertiveness
  • Ability to work under pressure and to be results-orientated
  • A desire to champion a strong risk ethic and digital innovation across the organisation

If this role could be of interest to you, please apply with an up-to-date version of your CV.

Eames Consulting is acting as an Employment Agency in relation to this vacancy.