Senior Analyst - Technology Risk & Controls

Workplace: White City, London. Expectation is minimum 2 days in the office per week

The Senior Technology Controls Analyst is responsible for supporting the design, implementation, and maintenance of technology controls to mitigate risks and ensure compliance with relevant policies, standards, and regulations. This role involves assessing the design and effectiveness of existing controls, identifying areas for improvement, and collaborating with technology and business stakeholders to enhance the control environment. The senior analyst will execute day-to-day control activities, work collaboratively with stakeholders, and coordinate audit and assurance activities.

The team

Risk management is a key priority for ITV, as our long-term success depends to a significant extent on how we identify and address current and emerging risks we face as a business. As part of Group Risk, the Technology Risk and Controls team is responsible for the management of technology risks by providing oversight and governance of risks, issues, mitigations, and action plans.

• Assist in the identification and assessment of technology risks and issues.
• Evaluate the design and operating effectiveness of technology controls, and document test results in accordance with established methodologies.
• Identify control deficiencies and work with control owners to develop remediation plans.
• Monitor the progress of remediation efforts and track the implementation of corrective actions.
• Execute day-to-day activities, ensuring the robustness and continued improvement of our control environment.
• Play a role in ITV's GRC risk management system, ensuring it is maintained, updated, and all necessary risk management procedures are followed.
• Work closely with Risk teams across ITV to understand the impact of business changes on technology controls.
• Work collaboratively with all stakeholders, including second and third lines of defence, to ensure operational efficiency and continuous improvement in internal and external assurance activities.
• Provide support and guidance to technology and business teams on control-related matters.
• Promote a strong controls culture in the organisation through training and awareness of technology controls risk management.
• Prepare summary reports on the progress of individual control assessments for appropriate internal committees, ensuring timely creation of materials for pre-meeting review.
• Prepare reports and communicate findings to management and stakeholders.
• Experience in leveraging data analytics and automation to drive continuous compliance and a data-driven approach within the Tech Risk and Controls function.
• Experience in developing dashboards to monitor key risk indicators (KRIs), key performance indicators (KPIs), and control effectiveness.

• Bachelor's degree in Information Systems, Computer Science, Business Administration, or a related field.
• Previous experience in IT audit, risk management, or compliance.
• At least one of relevant certifications, such as CISA, CRISC, or CISM is desirable but not essential.
• Strong understanding of technology controls, including ITGCs and application controls.
• Knowledge of relevant frameworks and standards, such as COBIT, NIST, ISO 27001, and SOX.
• Knowledge of cloud computing, cybersecurity, and data privacy principles.

Please note, on occasion we may receive a very large volume of applications which means applications for a role may close earlier than the referenced closing date. We’d encourage you to apply as soon as possible if interested.