IT Risk and Governance Analyst

IT Risk and Governance Analyst – London – 3 month contract

We are seeking an analytical individual with attention to detail, procedural knowledge, and technical skills to support the implementation and operation of a new IT risk management framework. This role supports a Technology Transformation Programme and oversees current operational technology and applications.

• Assist in implementing risk identification control strategies by collaborating with multiple teams to develop learning materials, templates, and facilitate workshops.
• Support horizon scanning exercises to identify emerging risks, working with Legal and Compliance teams to monitor regulatory changes.
• Manage updates to the risk taxonomy and reference library for technology risk assessment.

2. Risk and event analysis

• Review and analyze internal and external technology issues and risk events, updating the knowledge base for organizational learning.
• Assist in change reviews, Risk Control Self-Assessment exercises, control testing, and thematic analyses.
• Support vendor risk assessments, controls assurance, and compliance attestations with Third Party Risk & Assurance Specialists.

3. Risk controls and management

• Help develop the technology governance framework and controls library, and maintain policies, standards, and procedures.
• Support management of the IT controls library, reviewing change requests and analyzing control performance.
• Assist in managing the GRC platform, including writing runbooks, gathering feedback, and analyzing change requests.

4. Risk governance and compliance

• Manage the service interface for Technology Service Governance, including FAQs, demand management, and metrics analysis.
• Ensure accurate record-keeping of governance decisions and track policy exceptions and risk acceptances.
• Support audits, certifications, and resolution of audit findings.

5. Reporting & documentation

• Prepare and present reports on technology risk and governance performance.
• Maintain documentation for procedures, project updates, and client interactions.
• Develop new visualizations for technology risk communication.
• Collaborate with Technology Service teams to promote learning, awareness campaigns, and training.
• Research new technologies and risk models to improve services and personal knowledge.
• Support the development of team members within the Technology Services Governance team.

Qualifications and Skills:

• Experience with enterprise technology services, IT support, or administration, including ITIL and asset management.
• Knowledge of various enterprise IT environments, such as cloud computing, cybersecurity, and corporate applications.
• Experience deploying and operating IT controls and procedures.
• Understanding of IT Governance, Risk, and Compliance frameworks and requirements.
• Ability to analyze data and create reports using PowerBI, Tableau, or similar tools.
• Skills in scripting or automation with PowerAutomate, Python, or similar technologies.