IT Risk and Governance Analyst

IT Risk and Governance Analyst – London – 3 month contract

We are seeking an analytical mind with attention to detail, procedures, and technical skills to help implement and manage a new IT risk management framework. This role supports both a Technology Transformation Programme and the oversight of current operational technology and applications.

1. Risk Identification and Control Strategies

• Assist in implementing risk control strategies by working with multiple teams to create learning materials, templates, and facilitate workshops.
• Support horizon scanning exercises to identify emerging risks, collaborating with Legal and Compliance teams on regulatory changes.
• Manage updates to risk taxonomy and reference libraries for technology risk assessment.

• Review and analyze technology issues and risk events, maintaining a knowledge base for organizational learning.
• Assist in change reviews, Risk Control Self-Assessment exercises, control testing, and thematic analyses.
• Support vendor risk assessments, controls assurance, and compliance attestations in collaboration with the Third Party Risk & Assurance Specialist.

• Help develop the technology governance framework, controls library, policies, standards, and procedures.
• Support management of the IT controls library, including change requests and performance analysis.
• Assist with GRC platform operations, including runbook management and service improvement initiatives.

• Manage the Technology Service Governance interface, including FAQs, demand management, and metrics analysis.
• Ensure accurate record-keeping of governance decisions and manage policy exceptions and risk acceptances.
• Support audits, certifications, and resolution of audit findings.

• Prepare reports on technology risk and governance performance.
• Maintain documentation for procedures, project updates, and client interactions.
• Develop technology risk visualizations to improve communication.
• Collaborate with Technology Service teams to promote learning and awareness campaigns.
• Research new technologies and risk modeling techniques to enhance services and personal knowledge.
• Support team development and knowledge sharing.

• Experience with enterprise technology services, IT support, or administration, including ITIL and asset management.
• Knowledge of enterprise IT environments, including cloud, cybersecurity, and corporate applications.
• Experience deploying and operating IT controls and procedures.
• Understanding of IT Governance, Risk, and Compliance frameworks and requirements.
• Proficiency in data analysis and report creation using PowerBI, Tableau, or similar tools.
• Ability to automate tasks using PowerAutomate, Python, or similar scripting languages.