IT Risk and Governance Analyst

Social network you want to login/join with:

Client: Pearson Whiffin Recruitment Group

Location: Peterborough, United Kingdom

Job Category: Other

EU work permit required: Yes

IT Risk and Governance Analyst – London – 3 month contract

We are seeking an analytical mind, with an eye for detail, procedures, and technical acumen, to help the business implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications.

• Assist the implementation of risk identification control strategies; this will involve working with multiple teams to create learning material, templates, and facilitate workshops;
• Support horizon scanning exercises across the business to identify new and emerging risks, which includes working with Legal and Compliance teams to monitor regulatory changes;
• Manage changes to a risk taxonomy and reference library to support technology risk identification and assessment.

Risk and event analysis

• Review, triage, and analyze internal and external technology issues and risk events, and provide updates for a knowledge base to support continuous organizational learning and improvements;
• Assist change reviews, periodic Risk Control Self-Assessment exercises, control testing, and thematic deep dives, analyzing technology issues and risks;
• Support the Third Party Risk & Assurance Specialist with vendor risk assessments, controls assurance, and compliance attestations for clients and third parties.

Risk controls and management

• Assist the development of the technology governance framework and controls reference library, and support the development and maintenance of policies, standards, and procedures;
• Support the management of the IT controls library, reviewing change requests, version control, and providing regular analysis on technology control performance;
• Support the GRC platform and service provision, e.g., write and operate GRC runbooks, engage feedback, and conduct business analysis for change requests to improve service design and operations.

Risk governance and compliance

• Run the service interface for the Technology Service Governance, including providing information and FAQs, managing demand and expectations, and capturing and analyzing metrics on customer journeys and governance performance;
• Ensure accurate record-keeping of all governance decisions, and operate procedures to track policy and strategy exceptions and risk acceptances;
• Support internal and external audits, certifications, and the resolution of audit findings.

Reporting & documentation

• Prepare and present regular reports on technology risk and governance performance;
• Maintain accurate documentation for procedures, project updates, and client interactions for audit readiness and knowledge transfer;
• Research, develop, and implement new technology risk visualizations to enhance communication and understanding;
• Work closely with Technology Service teams to promote learning and awareness, including creating and promoting relevant campaigns and training;
• Proactively research new technology and risk modeling techniques to improve services and personal knowledge;
• Support the development of team members within the Technology Services Governance team.

Education, Qualifications, Knowledge, Skills, and Experience:

• Experience in Enterprise technology services, support, or administration, including ITIL and asset management;
• Understanding of various Enterprise IT environments, including cloud computing, cybersecurity, and corporate applications;
• Experience deploying and operating IT controls and procedures;
• Knowledge of IT Governance, Risk, and Compliance frameworks, requirements, and procedures;
• Experience in data analysis and report creation using PowerBI, Tableau, or similar tools;
• Ability to automate tasks using PowerAutomate, Python, or similar scripting languages.