IT Risk and Governance Analyst

Social network you want to login/join with:

Client: Pearson Whiffin Recruitment Group

Location: Guildford, United Kingdom

Job Category: Other

EU work permit required: Yes

IT Risk and Governance Analyst – Guildford – 3 month contract

We are seeking an analytical mind, with an eye for detail, procedures and technical acumen, to help implement and run a new IT risk management framework. This role supports a Technology Transformation Programme and maintains oversight over current operational technology and applications.

• Assist in implementing risk identification control strategies, working with multiple teams to create learning materials, templates, and facilitate workshops.
• Support horizon scanning exercises to identify emerging risks, working with Legal and Compliance teams to monitor regulatory changes.
• Manage changes to the risk taxonomy and reference library for technology risk identification and assessment.

Risk and event analysis

• Review and analyze internal and external technology issues and risk events, updating a knowledge base for continuous learning.
• Assist with change reviews, Risk Control Self-Assessment exercises, control testing, and deep dives into technology issues and risks.
• Support vendor risk assessments, controls assurance, and compliance attestations with the Third Party Risk & Assurance Specialist.

Risk controls and management

• Develop and maintain the technology governance framework, controls library, policies, standards, and procedures.
• Manage the IT controls library, reviewing change requests and analyzing control performance.
• Support GRC platform operations, including writing runbooks and implementing feedback to improve service design and operations.

Risk governance and compliance

• Operate the service interface for Technology Service Governance, managing information, FAQs, demand, and metrics.
• Record governance decisions and track policy exceptions and risk acceptances.
• Assist with audits, certifications, and resolving audit findings.

Reporting & documentation

• Prepare reports on technology risk and governance performance.
• Maintain documentation for procedures, project updates, and client interactions.
• Develop new risk visualizations to improve communication.
• Work with Technology Service teams to promote learning, awareness, and training.
• Research new technology risk modeling techniques to enhance services and personal knowledge.
• Support the development of team members.

Qualifications, Knowledge, Skills, and Experience:

• Experience in enterprise technology services, support, or administration, including ITIL and asset management.
• Understanding of enterprise IT environments, including cloud, cybersecurity, and applications.
• Experience deploying and operating IT controls and procedures.
• Knowledge of IT Governance, Risk, and Compliance frameworks and procedures.
• Ability to analyze data and create reports using PowerBI, Tableau, or similar tools.
• Skills in scripting automation tasks with PowerAutomate, Python, or similar.