IT GRC Analyst

IT GRC Analyst
£Competitive Day Rate (Inside IR35)
City of London

IT GRC Analyst is required to join a prestigious financial services organisation with offices in the heart of the city. Within this role you will work alongside the GRC Lead to assist in the implementation and continuous development of the IT GRC framework. You will complete technical risk assessments and support risk owners to define remediation plans and track remediation activities. You will also assess compliance with IT control requirements. This role is offered initially as a day rate contract with the possibility of leading to a permanent role.

Key Responsibilities:

Risk:

• Processing day-to-day operational and information security technical IT risks/IT exceptions within the IT Risk Register.
• Assisting the IT risk owner with assessing technical IT risks and documenting remediation plans.
• Establishing formal reporting of technical IT risk within Group IT and to 2nd line
• Assisting with annual Group IT operational risk assessments

Compliance:

• Supporting IT control compliance activities, eg annual review of IT controls, including assessing the maturity score.
• Assisting IT control owners with the ongoing self-assessment of IT controls to assist with 2nd line permanent control checks.
• Coordinating IT control attestations within Group IT and with third party service providers.

Governance:

• Assisting with the implementation of the IT risk and IT control management frameworks
• Conducting governance reviews
• Documenting IT risk and IT control management processes
• Supporting formal GRC reporting activities

Key Skills and Experience:

• 3-5+ years of Information Security Governance, Risk and Compliance experience
• Knowledge of information security risk management frameworks and compliance practices.
• Exposure to and understanding of IT Infrastructure and Business Applications areas.
• Experience of working with Internal and External audit teams.
• Proven ability in working across multi-disciplinary and multi-cultural, diverse environments.
• Excellent written and oral communication skills, with strong interpersonal skills at all levels.
• Knowledge and familiarity with the DORA regulation is desirable
• Industry recognised technical certifications such as ITIL, CISSP or similar is desirable

For a full consultation, send your CV to ARC IT Recruitment.