IT Risk, Governance and Cyber Analyst
Location: London
Job Type: Full-time, Hybrid (minimum 2 days in-office)
Salary: £40,000 - £45,000 (dependent on skills & experience)
We are currently seeking an IT Risk, Governance and Cyber Analyst to join our team at a leading Motor Finance company. The successful candidate will support the eCISO, IT Risk & Governance Manager in managing IT Risk, governance, controls, and cyber security. This role is ideal for someone with proven practical experience in a similar role, excellent communication skills, and industry-standard qualifications in IT control and audit frameworks.
Day to Day of the role:
- Identify, assess, manage, and report on all IT Risks in line with good practice and expectations.
- Perform control testing annually and manage action plans and evidence storage.
- Conduct gap analysis against internal policies and ensure action plans address any gaps.
- Maintain and monitor performance against an IT Governance Framework suitable for the business.
- Support audit and compliance enquiries and track IT remedial activities to completion.
- Act as the primary contact for IT-related incidents and Operational Risk reporting.
- Maintain and produce IT & Cyber performance reporting and ensure alignment with HQ requirements.
- Execute local Ethical Phishing campaigns and follow up on results.
- Publish cyber awareness articles and deliver monthly cyber awareness training.
- Manage vulnerability reporting and liaise with suppliers for remediation.
- Assist in producing monthly reporting for relevant committees and forums.
- Guide Product Team Leads through Governance forums and committees.
Required Skills & Qualifications:
- Demonstrable experience in developing, implementing, managing, and monitoring tailored controls.
- Experience dealing with staff at all levels within a similar sized or larger organisation.
- Excellent written and verbal communication skills.
- Strong emotional intelligence, influencing, and collaboration skills.
- Effective presentation skills for Cyber awareness training delivery.
- Ability to feedback on governance, risk, cyber, and compliance issues.
- Initiative and commitment for results with the ability to set priorities and manage multiple initiatives.
- Adaptability to changing priorities and multitasking.
- Solid work ethic with attention to detail and commitment to results.
- Confident problem solver and decision maker.
- Proficiency in Microsoft Excel for complex reporting.
- Industry standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ISO2700X, ITIL.