IT Risk and Governance Analyst

IT Risk and Governance Analyst – Preston, Lancashire – 3 month contract

We are seeking an analytical mind, with an eye for detail, procedures, and technical acumen, to help the business implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications.

1. Assist the implementation of risk identification control strategies: Work with multiple teams to create learning material, templates, and facilitate workshops.
2. Support horizon scanning exercises: Identify new and emerging risks, working with Legal and Compliance teams to monitor regulatory changes.
3. Manage changes to risk taxonomy: Support updates to the reference library for technology risk identification and assessment.

1. Review, triage, and analyze internal and external technology issues and risk events, providing updates for a knowledge base.
2. Assist with change reviews, Risk Control Self-Assessment exercises, control testing, and thematic deep dives.
3. Support vendor risk assessments, controls assurance, and compliance attestations with the Third Party Risk & Assurance Specialist.

1. Assist in developing the technology governance framework and controls reference library.
2. Support the management of the IT controls library, including reviewing change requests and analyzing control performance.
3. Support GRC platform operations, including writing runbooks and engaging feedback for service improvements.

1. Manage the service interface for Technology Service Governance, including FAQs and metrics analysis.
2. Keep records of governance decisions and track policy and strategy exceptions.
3. Support audits, certifications, and resolution of audit findings.

1. Prepare reports on technology risk and governance performance.
2. Maintain documentation for procedures, project updates, and client interactions.
3. Research and develop new technology risk visualizations.
4. Collaborate with Technology Service teams to promote learning and awareness campaigns.
5. Research new technology and risk modeling techniques to improve services.
6. Support the development of team members within the Technology Services Governance team.

• Experience in enterprise technology services, support, or administration, including ITIL and asset management.
• Understanding of enterprise IT environments, including cloud, cybersecurity, and corporate applications.
• Experience deploying and operating IT controls and procedures.
• Knowledge of IT Governance, Risk, and Compliance frameworks.
• Experience creating reports with PowerBI, Tableau, or similar tools.
• Ability to automate tasks using PowerAutomate, Python, or similar scripting languages.