IT Risk & Controls Analyst, ISO27001, NIST, COBIT

Proprius Recruitment Ltd

Posted on Jan 7, 2025 by Proprius Recruitment Ltd
London, United Kingdom
IT
Immediate Start
£50k - £60k Annual
Full-Time

The IT Risk & Controls Analyst (NIST, ISO27001, COBIT, ITIL) will play a key part in the Technology Risk Management function, supporting the Head of Technology Risk. The role holder will form a crucial component in the establishment of an enhanced risk management framework and, beyond that, will identify and assess potential risks across Technology, as well as ensuring a comprehensive approach to risk mitigation.

Lead and conduct comprehensive IT risk assessments to identify potential threats and vulnerabilities within the organization's Technology infrastructure.


£50 - 60,000 + Excellent Benefits + Excellent Bonuses
City of London office, Hybrid working

Develop, implement, and monitor effective controls to mitigate identified IT risks, ensuring alignment with industry best practices and regulatory requirements.

Collaborate with cross-functional teams to ensure Technology risk management practices are integrated into all business processes and projects.

Provide expert advice and assurance on IT controls to support compliance with internal policies and external regulations.

Prepare detailed reports and presentations on IT risk assessment findings and control effectiveness for senior management and stakeholders.

Technology Risk Taxonomy & Register: Identify the Technology risks faced by the organization that give rise to potential disruptions, failures, or adverse impacts on business processes arising from the use, adoption or reliance on technology including hardware, software, networks and information systems.

RCSA Process: Provide support to both Operation Risk and the Business in identifying their key risks and assessment of the effectiveness of the key controls, enabling them to understand the risk in pursuing their strategic and business objectives and the overall risk profile.

Controls Assurance Testing: Provide oversight and challenge to the business as part of their evaluation of the design and operation of their controls to ensure they are functioning as intended to mitigate risks.

Third Party Risk Management (TPRM) Due Diligence: Work closely with TPRM to identify, monitor and report on the technology risk related aspects of Technology provided to the organization by third parties.

Risk Scenario Analysis and Monitoring: Provide input into the identification, development, testing and remedial actions of risk scenarios that could pose potential threats to the organization's continuity.

Risk Acceptance and Exceptions: Review and approve (or decline) exception requests submitted where there is anticipated non-compliance with a control, standard or policy.

Risk Register Monitoring: Maintain and update a register of Technology-related risk events, incidents, audit findings, exceptions, etc. Work with responsible areas to assess these, develop action plans, identify owners and track through to completion.

Continuous Controls Monitoring: Drive the implementation and embedding of ongoing (and where possible automated) assessment of control effectiveness by the business to provide real-time insights.

Work towards a detailed understanding of Technology and cyber risk frameworks (e.g. NIST/ISO27001/COBIT/ITIL).


Reference: 2876830738

https://jobs.careeraddict.com/post/98668173

This Job Vacancy has Expired!
