Senior Analyst - Technology Risk Assurance

Social network you want to login/join with:

col-narrow-left

Charles Stanley & Co

London, United Kingdom

Other

-

Yes

col-narrow-right

584d289ccb87

4

12.08.2025

26.09.2025

col-wide

In this role, you will support the development and execution of risk assessments, internal controls, and security initiatives across the organisation. You’ll work closely with internal stakeholders and external partners to ensure our technology environment remains secure, compliant, and resilient.

This position involves conducting reviews of varied scope and complexity, recommending process improvements, and leading security and infrastructure projects. You’ll also play a key role in shaping our information security framework and ensuring adherence to IT security standards.

Key Responsibilities

Policies and Standards

• Represent the business unit in the development of policies and standards.
• Develop and maintain policies and procedures aligned with the Information Security Framework.

Governance and Controls

• Support ongoing risk and control consulting activities in line with internal standards and regulatory requirements.
• Collaborate with stakeholders to evaluate control environments and recommend improvements.
• Coordinate assessments, control testing, and remediation efforts with internal teams and third parties.

Exception Management

• Build and manage security exceptions to support business and technology needs.
• Track and report on exception statuses to ensure visibility and accountability.
• Evaluate supplier security through SOC reports, SSAE documentation, and site reviews.
• Maintain vendor risk records and support continuous improvement of assessment processes.
• Coordinate vendor risk assessments in collaboration with relevant teams.

Security and Infrastructure Project Consulting

• Define project scope, goals, deliverables, and timelines.
• Provide security consulting throughout the project lifecycle.
• Monitor project progress and report to stakeholders.
• Develop and maintain the Secure Design Consulting framework and apply it to qualifying projects.

What We’re Looking For

Technical Skills & Experience

• Bachelor’s degree in Computer Science, MIS, or a related field.
• Experience in information security, risk management, or audit (or equivalent education/training).
• Strong understanding of security frameworks and regulations (e.g., ISO, NIST, COBIT).
• Familiarity with the financial services industry is desirable.
• Relevant certifications such as CISSP, CISM, CISA, CRISC, CTPRP, CEH, or PMP.
• Experience with project management methodologies (Prince2 preferred).

Personal Attributes

• Excellent communication and interpersonal skills.
• Strong organisational and analytical abilities.
• Self-starter with a collaborative mindset.
• Professional, customer-focused, and eager to learn.