IT Risk and Controls Analyst (Contract)

Job Description

IT Risk and Control Analyst (Investment Banking - Contract)

A global Investment Bank is seeking an IT Risk and Control Analyst (Contract) to assist in the delivery of IT risk and audit governance related initiatives (IT SOX Audit, Annual system risk evaluation, FFIEC assessment, KRI collection etc.). This person will test IT controls in regards to technology, including SOX controls, and recommend associated process enhancements.

Generally, this person will be responsible for that audit and risk related responses are delivered effectively and to a high standard. particularly when data is going out of Technology, and from a first line of defence perspective.

Your key responsibilities will be:

• Assess the Risk profile of technology and communicating the results to management
• To support the IT Risk and Control Library owners, supporting owners to conduct the RSCA against the processes areas, using Open Pages
• Test Generic IT controls and ensure control gaps are tracked and remediated
• To engage with technology owners to identify, document and monitor self-identified issues, and remediate with action plans
• Monitor and report monthly KRIs
• Provide monthly reporting on risks, controls, and any issues, to various risk and management committee
• Communicate with Technology and Business teams when required to ensure all systems meet security standards and/or agree appropriate measures to mitigate the risk
• Train staff on Risk and Controls
• Maintain an up to date, working knowledge of current laws, regulations and best practices relating to technology controls.

You will have:

• Strong technical background in risk management with proven IT risk and/or IT governance skills.
• Certified CRISC / CISA or other relevant qualifications desirable.
• Ability to make sense of complex situations and rapidly prioritise issues to take effective decisions in a commercial manner.

This is a contract position operating on a hybrid work set up.