IT Risk Analyst

Time Type: Full time Worker Type: Employee This role is to provide maternity cover for an existing IT Risk Analyst. The role is to assist in developing and conducting of consistent divisional and functional risk and control assessments, performing control testing, risk reporting, and maintaining risk and control registers. The role involves collaborating with various teams to drive proactive risk management strategies and ensure compliance with IT controls. We're seeking a skilled and forward-thinking IT Risk Analyst to join our Technology team. In this role, you'll help shape the resilience and integrity of our digital infrastructure, support the delivery of insightful analysis and drive best practices across our IT risk and control environment. This is an exciting opportunity to work in a fast-paced setting and make a meaningful impact on how we manage and mitigate technology related risks. Please note this is a 12 Month Fixed Term Contract.

• Develop and maintain a strong understanding of IT Risk principles, frameworks and practices, to support our culture of proactive risk management
• Provide guidance and practical advice to IT teams in identifying, assessing and documenting risks and controls
• Coordinate and support the completion of IT Risk and Control Self-Assessments, ensuring alignment with Group standards
• Support the execution of IT Risk and Control Assurance activities, helping to validate the effectiveness of controls and identify areas for improvement
• Review and assess AI use cases to ensure they meet internal policy and standards
• Contribute to Line 1 IT Risk reporting, delivering clear and accurate insights to support governance requirements
• Coordinate with IT stakeholders to manage policy exceptions and risk acceptances, ensuring alignment with QBE's risk appetite
• Advise stakeholders on Issue and Incident Management processes and champion the adoption of sound IT risk practices

• Degree in a related field such as Information Technology, Cybersecurity, Risk Management or equivalent career experience
• Demonstrable experience in IT Risk, Technology, IT Auditor or related discipline
• Proven ability to assess and provide assurance on IT risks and controls, across multiple technology and cyber operational areas
• Strong experience conducting risk and control assessments, ideally within a regulated or enterprise environment
• Familiarity with IT control frameworks and standards e.g. COBIT, NIST, ISO 27001 or similar
• Understanding of AI-related risks and emerging technologies
• Strong stakeholder engagement skills and experience working with matrixed, geographically distributed teams
• Excellent analytical and communication skills, with the ability to translate risk concepts into clear, actionable insights

At QBE, we want our people to feel rewarded and inspired to perform at their best, that's why we have created "At My Best". It's our connection, our way of showing we have your back. We understand that one size doesn't fit all and that priorities can change depending on your life stage. That is why our blend of wellb