IT Risk and Governance Analyst

Social network you want to login/join with:

Client: Pearson Whiffin Recruitment Group

Location: Southampton, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 4

Posted: 04.06.2025

Expiry Date: 19.07.2025

IT Risk and Governance Analyst – Southampton – 3 month contract

We are seeking an analytical mind, with an eye for detail, procedures, and technical acumen, to help the business implement and run a new IT risk management framework. This is a multi-faceted role supporting both a Technology Transformation Programme as well as maintaining oversight over current operational technology and applications.

• Assist the implementation of risk identification control strategies; this will involve working with multiple teams to create learning material, templates and facilitate workshops;
• Support horizon scanning exercises across the business to identify new and emerging risks, including working with Legal and Compliance teams to monitor regulatory changes;
• Manage changes to a risk taxonomy and reference library to support technology risk identification and assessment.

Risk and event analysis

• Review, triage, and analyze internal and external technology issues and risk events, providing updates for a knowledge base to support continuous organizational learning and improvements;
• Assist change reviews, periodic Risk Control Self-Assessment exercises, control testing, and thematic deep dives, analyzing technology issues and risks;
• Support the Third Party Risk & Assurance Specialist with vendor risk assessments, controls assurance, and compliance attestations for clients and third parties.

Risk controls and management

• Assist in developing the technology governance framework and controls reference library, and support the development and maintenance of policies, standards, and procedures;
• Support the management of the IT controls library, reviewing change requests, version control, and providing regular analysis on technology control performance;
• Support the GRC platform and service provision, e.g., writing and operating GRC runbooks, engaging feedback, and conducting business analysis for change requests to improve service design and operations.

Risk governance and compliance

• Run the service interface for Technology Service Governance, providing information and FAQs, managing demand and expectations, and capturing and analyzing metrics on customer journeys and governance performance;
• Ensure accurate record keeping of all governance decisions, and operate procedures to track policy and strategy exceptions and risk acceptances;
• Support internal and external audits, certifications, and the resolution of audit findings.

Reporting & documentation

• Prepare and present regular reports on technology risk and governance performance;
• Maintain accurate documentation for governance procedures, project updates, and client interactions for audit readiness and knowledge transfer;
• Research, experiment, and develop new technology risk visualizations to enhance communication and understanding;
• Work closely with Technology Service teams to promote learning, including creating and promoting awareness campaigns and training;
• Research state-of-the-art technology and risk modeling to improve services and enhance personal knowledge;
• Support the learning and development of team members.

Qualifications, Knowledge, Skills, and Experience:

• Experience in enterprise technology services, support, or administration, including ITIL and asset management;
• Understanding of various enterprise IT environments, including cloud computing, cybersecurity, and corporate applications;
• Experience deploying and operating IT controls and procedures;
• Knowledge of IT Governance, Risk, and Compliance frameworks and requirements;
• Ability to analyze data and create reports using PowerBI, Tableau, or similar tools;
• Proficiency in scripting automation tasks with PowerAutomate, Python, or similar.