IT Risk and Governance Analyst

Social network you want to login/join with:

Client: Pearson Whiffin Recruitment Group

Location: Cheltenham

Job Category: Other

EU work permit required: Yes

Job Views: 4

Posted: 04.06.2025

Expiry Date: 19.07.2025

IT Risk and Governance Analyst – Cheltenham – 3 month contract

We are seeking an analytical mind, with an eye for detail, procedures, and technical acumen, to help the business implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications.

• Assist the implementation of risk identification control strategies; this will involve working with multiple teams to create learning material, templates, and facilitate workshops;
• Support horizon scanning exercises across the business to identify new and emerging risks, including working with Legal and Compliance teams to monitor regulatory changes;
• Manage changes to a risk taxonomy and reference library to support technology risk identification and assessment.

2. Risk and event analysis

• Review, triage, and analyze internal and external technology issues and risk events, providing updates for a knowledge base to support continuous organizational learning and improvements;
• Assist change reviews, periodic Risk Control Self-Assessment exercises, control testing, and thematic deep dives, analyzing technology issues and risks;
• Support the Third Party Risk & Assurance Specialist with vendor risk assessments, controls assurance, and compliance attestations for clients and third parties.

3. Risk controls and management

• Assist the development of the technology governance framework and controls reference library, supporting the development and maintenance of policies, standards, and procedures;
• Support the management of the IT controls library, reviewing change requests, version control, and providing regular analysis on technology control performance;
• Support the GRC platform and service provision, e.g., writing and operating GRC runbooks, engaging feedback, and conducting business analysis for change requests to improve service design and operations.

4. Risk governance and compliance

• Run the service interface for Technology Service Governance, including providing information and FAQs, managing demand and expectations, and capturing and analyzing metrics on governance performance;
• Ensure accurate record-keeping of governance decisions and operate procedures to track policy and strategy exceptions and risk acceptances;
• Support internal and external audits, certifications, and the resolution of audit findings.

5. Reporting & documentation

• Prepare and present regular reports on technology risk and governance performance;
• Maintain accurate documentation for governance procedures, project updates, and client interactions for audit readiness and knowledge transfer;
• Research and develop new technology risk visualizations to enhance communication;
• Collaborate with Technology Service teams to promote learning, awareness campaigns, and compliance training;
• Research state-of-the-art technology and risk modeling to improve services and personal knowledge;
• Support the development of team members within the Technology Services Governance team.

Education, Qualifications, Knowledge, Skills, and Experience:

• Experience in enterprise technology services, support, or administration, including ITIL and asset management;
• Understanding of various enterprise IT environments, including cloud computing, cybersecurity, and corporate applications;
• Supported deployment and operation of IT controls and procedures;
• Knowledge of IT Governance, Risk, and Compliance frameworks, requirements, and procedures;
• Experience in analyzing data and creating reports using PowerBI, Tableau, or similar tools;
• Ability to automate tasks using PowerAutomate, Python, or similar scripting languages.