IT Risk Assessment and Controls Assurance Specialist

IT Risk Assessment and Controls Assurance Specialist

City of London

6-month contract

£660 per day - Umbrella

cer Financial are working alongside an International Bank who are based in the City of London. They are seeking an IT Risk Assessment and Controls Assurance Specialist to work with them on a 6-month contract. DORA understanding required

The responsibilities of an IT Risk Assessment and Controls Assurance Specialist will include:

• Technology Risk Taxonomy & Register: Identify the Technology risks faced by the organization that give rise to potential disruptions, failures, or adverse impacts on business processes arising from the use, adoption or reliance on technology including hardware, software, networks and information systems.
• RCSA Process: Provide support to both Operation Risk and the Business in identifying their key risks and assessment.
• Controls Assurance Testing: Provide oversight and challenge to the business as part of their evaluation of the design and operation of their controls.
• Risk Scenario Analysis and Monitoring: Provide input into the identification, development, testing and remedial actions of risk scenarios that could pose potential threats to the organizations continuity.
• Risk Acceptance and Exceptions: Review and approve (or decline) exception requests submitted where there is anticipated non-compliance with a control, standard or policy.
• Risk Register Monitoring: Maintain and update a register of Technology-related risk events, incidents, audit findings, exceptions, etc.
• Continuous Controls Monitoring: Drive the implementation and embedding of ongoing (and where possible automated) assessment of control effectiveness by the business to provide real-time insights.
• Critical Vendor Monitoring: Review the outputs of the Third-Party Risk Management (TPRM) process.
• Technology & Intragroup Reporting: Produce a suite of metrics for inclusion in the various Technology meetings/ forums/ reports as required.
• Third Party Risk Management (TPRM) Due Diligence: Work closely with TPRM to identify, monitor and report on the technology risk related aspects of Technology provided to the organization by third parties.
• Third Party Risk Management (TPRM) Reporting: Develop specific metrics relating to the risk exposure of 3rd party technology providers in its suite of metrics to ensure the risk position is understood.

The successful IT Risk Assessment and Controls Assurance Specialist will have:

• DORA knowledge is useful
• Broad tech background
• Understand key tech processes
• Tech incident mgt, change mgt, sdlc, asset mgt - + key components
• Financial Services background
• Proficiency in Office Software: Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook).
• Work towards a detailed understanding of Technology and cyber risk frameworks (e.g. NIST / ISO27001 / COBIT / ITIL).

ADZN1_UKTJ