It Risk And Controls Specialist

Support the implementation & maintenance of the controls framework and internal controls life cycle.

Client Details

The company is a leading player within its sector, with a significant presence in the UK.

Description

• Support the development and maintenance of an effective internal controls framework as well as maintenance of control operating procedures, processes, and policies.
• Support the IT Risk and Controls Manager with implementing and embedding Risk and Controls transformation.
• Support the delivery of the annual controls testing cycle, validating control gaps, reviewing evidence and facilitating any remediation required together with the 1st line business and the IT team.
• Perform roles and access related risk assessments, addressing any violations through remediation or mitigation of the risk.
• Work with IT system owners to develop plans to uplift existing controls or implement new controls whilst exploring opportunities to maximise technology.
• Execute pre-implementation reviews of new financial systems to ensure compliance with the controls framework.
• Develop, implement, and test controls for new acquisitions and in-scope controls.
• Provide advisory services to change programmes within the finance and IT functions to ensure that controls are appropriately considered in the design and implementation of these programmes.
• Continuously evaluate the effectiveness of the internal controls framework and opportunities for improvement, including the development and implementation of process improvements and automation.
• Manage relationships with external auditors and other stakeholders, including developing and maintaining effective communication channels and providing timely and accurate information to senior leadership.

Profile

• Professional certification or equivalent in relevant area (e.g.,Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA).
• Strong knowledge of ITGC control frameworks, IT Application Controls and Automated Controls as well as IT dependencies (Interfaces, IPEs etc) together with the impact on financial reporting.
• Thorough understanding of ITGC domains such as Logical Access, Change Management, SDLC and Computer Operations.
• Advanced risk, controls, and information technology operations knowledge, as well as command of SAP, GAAP, SOX, COSO and/or COBIT control framework.
• Knowledge of IT auditing practices within finance IT applications and the underlying infrastructure (ITACs, Platform reviews, data migration, interfaces etc.)
• Experience in identifying control gaps and communicating audit findings and control redesign recommendations.
• Proven track record of successful and on-time delivery of IT controls projects.
• Strong technical risk management, governance and/or audit skills, understanding of risk assessment techniques and 1st, 2nd, and 3rd lines of defense frameworks.
• Robust understanding of IT General controls/ IT Application controls and impact on financial reporting

Job Offer

Competitive base salary of up to £55,000 plus bonus and double match pension.

Hybrid working - 1 day in the office every 1-2 weeks.