Senior IT Governance Analyst

Social network you want to login/join with:

col-narrow-left

FR Secure

bolton, greater manchester, United Kingdom

Other

-

Yes

col-narrow-right

2

10.06.2025

25.07.2025

col-wide

Job Title: Senior IT Governance Analyst

Location: Hybrid – 3 Days Onsite (Leeds or Manchester)

About the Role:

We’re working with a growing organisation seeking an experienced Senior IT Governance Analyst to join their Information Security team. This is a key role responsible for overseeing IT governance processes, managing audit activity, and ensuring risk controls are in place and effective.

You’ll work across the business to coordinate internal and external audits, support compliance efforts, and maintain a strong governance framework in line with recognised standards.

Key Responsibilities:

• Lead the coordination of IT-related audits – internal and external, including audit readiness, stakeholder engagement, and managing action plans.
• Maintain and update IT risk assessments, internal controls, and associated governance documentation.
• Provide expert feedback to control owners, supporting remediation efforts and assessing mitigation strategies.
• Review control deficiencies and guide the development of effective, sustainable solutions.
• Partner with stakeholders across IT and the business to embed good governance and risk practices.
• Own and evolve the IT Risk Management Framework, working closely with the Enterprise Risk team.
• Identify and help address weaknesses in information security and risk posture.
• Produce and manage regular reporting for IT risk governance forums.
• Oversee compliance assurance activities based on risk, ensuring continual improvement.
• Monitor and support IT teams in reporting Key Risk Indicators (KRIs), Key Control Indicators (KCIs), and Key Performance Indicators (KPIs).

What We’re Looking For:

• Proven experience in IT governance, risk, and compliance roles.
• In-depth knowledge of IT frameworks and standards such as ITIL, COBIT, NIST, SOC2, UK SOX, GDPR, and ISO 27001.
• Strong understanding of internal controls and audit processes.
• Ability to spot weaknesses in control environments and implement improvements.
• Confident in managing workloads and delivering high-quality outputs to deadlines.
• Skilled in reporting, stakeholder engagement, and driving a risk-aware culture.

Why Apply?

• Join a growing, supportive security and risk function.
• Work flexibly with a hybrid model (Leeds or Manchester hub).
• Opportunity to influence IT governance at a strategic level.
• Competitive salary with development opportunities.