IT Risk Assessment and Controls Assurance Specialist (VP)

About Our Client

International corporate investment bankIT Risk Assessment and Controls Assurance Specialist (VP)

Financial Services

City of London

• Technology Risk Taxonomy & Register: Identify the Technology risks faced by the organization that give rise to potential disruptions, failures, or adverse impacts on business processes arising from the use, adoption or reliance on technology including hardware, software, networks and information systems.
• RCSA Process : Provide support to both Operation Risk and the Business in identifying their key risks and assessment of the effectiveness of the key controls, enabling them to understand the risk in pursuing their strategic and business objectives and the overall risk profile.
• Controls Assurance Testing : Provide oversight and challenge to the business as part of their evaluation of ng the design and operation of their controls to ensure they are functioning as intended to mitigate risks.
• Risk Scenario Analysis and Monitoring : Provide input into the identification, development, testing and remedial actions of risk scenarios that could pose potential threats to the organization's continuity.
• Risk Acceptance and Exceptions : Review and approve (or decline) exception requests submitted where there is anticipated non-compliance with a control, standard or policy.
• Risk Register Monitoring : Maintain and update a register of Technology-related risk events, incidents, audit findings, exceptions, etc. Work with responsible areas to assess these, develop action plans, identify owners and track through to completion.
• Continuous Controls Monitoring: Drive the implementation and embedding of ongoing (and where possible automated) assessment of control effectiveness by the business to provide real-time insights.
• Critical Vendor Monitoring: Review the outputs of the Third-Party Risk Management (TPRM) process to understand the due diligence results of critical 3rd party vendors and what risks they may pose to the organization.
• Technology & Intragroup Reporting: Produce a suite of metrics for inclusion in the various Technology meetings/ forums/ reports as required.
• Third Party Risk Management (TPRM) Due Diligence : Work closely with TPRM to identify, monitor and report on the technology risk related aspects of Technology provided to the organization by third parties.
• Third Party Risk Management (TPRM) Reporting: Develop specific metrics relating to the risk exposure of 3rd party technology providers in its suite of metrics to ensure the risk position is understood.

• Attention to Detail: Meticulous attention to detail is crucial for accurately managing open audit points, helping to document audit actions, and accurately track and report on the status of management actions.
• Organisational Skills: Strong organisational skills are necessary to effectively coordinate audit schedules, manage documentation, and prioritise tasks across the IT Department.
• Time Management: Excellent time management skills are essential for managing multiple audit engagements, meeting deadlines, and ensuring the smooth progression of audit activities.
• Communication Skills: Clear and concise communication skills are vital for effectively liaising with internal and external stakeholders, conveying audit-related information, and facilitating collaboration across the IT Department.
• Analytical Skills: Basic analytical skills are beneficial for analysing audit data, identifying trends, and generating insights to support audit reporting and decision-making processes within the Technology domain.
• Adaptability: Ability to adapt to changing priorities, audit requirements, and work effectively in a dynamic and fast-paced environment.
• Confidentiality: Demonstrated ability to handle sensitive information with discretion and maintain confidentiality in accordance with organisational policies.
• Proficiency in Office Software: Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) and other relevant software applications for document management, data entry, and reporting.
• Technology Knowledge: Work towards a detailed understanding of Technology and cyber risk frameworks (e.g. NIST / ISO27001 / COBIT / ITIL).

IT Risk Assessment and Controls Assurance Specialist (VP)

Financial Services

City of London

• 6 month rolling contract
• £662 per day Umbrella
• hybrid working

IT Risk Assessment and Controls Assurance Specialist (VP)

Financial Services

City of London