IT Risk, Governance and Compliance Lead

2 months ago


United Kingdom Sumitomo Mitsui Banking Corporation – SMBC Group Full time

IT Governance, Risk and Compliance (GRC) Lead

1) Background
This new role forms a key part of the Technology Risk Management function, supporting the Head of Technology Risk. The role holder will be crucial to establishing an enhanced risk management framework and, beyond that, will identify and assess potential risks across Technology and ensure a comprehensive approach to risk mitigation.

2) Purpose of Job
Risk Framework Embedding: Drive the development of and compliance with Technology policies, standards and procedures, to promote best practices across the organization.
Risk Management: Identify, assess, and mitigate Technology risks and embed the control framework to safeguard the organization's Technology assets.
Compliance Oversight: Ensure adherence to relevant laws, regulations, and standards, maintaining up-to-date knowledge of industry compliance requirements.
Stakeholder Collaboration: Collaborate with cross-functional teams and executive leadership to drive Technology risk governance and support business goals.

Technology Policy & Standard Framework: Develop, maintain and embed Technology Policies, Standards and Procedures whilst also implementing the IT function’s objectives.
Technology Risk Taxonomy & Register: Identify the Technology risks faced by the organization that give rise to potential disruptions, failures, or adverse impacts on business processes arising from the use, adoption or reliance on technology including hardware, software, networks and information systems.
Programmes & Emerging Risk: Provide oversight and input into risk assessments to help identify potential risks and devise mitigation strategies, prior to technological changes. Help to ensure alignment of technological changes with the organization's risk tolerance and strategic objectives.
Technology Risk Training: Embed a culture of risk awareness and ensure that relevant parties are aware of their roles and responsibilities concerning risk.
Risk Engagement - Business: Conduct regular engagement meetings with key Business stakeholders to ensure key areas of risk (e.g. shadow technology, team-specific instances of technology, etc.) are identified and to embed ownership of risks and controls where relevant.
Risk Engagement - Technology: Conduct regular meetings with key stakeholders within the IT Department to ensure awareness of key areas of risk (such as ‘Top 10’ risks, Policies, Standards, etc.) and to embed ownership of risks and controls where relevant.
Risk Register Monitoring: Maintain and update a register of Technology-related risk events, incidents, audit findings, exceptions, etc. Produce the required Board and Committee-level Technology metrics for inclusion in the respective reporting decks as required.
Produce a suite of metrics for inclusion in the various Technology meetings/forums/reports as required.
Regulatory Reporting: Work with the Regulatory Reporting team to ensure the required information for Regulatory submissions is accurate, relevant and provided in a timely manner.
Client DD Reporting: Provide input to determine the risk MI required from clients to help ensure the risk position is fully understood.
Third Party Risk Management (TPRM) Reporting: Develop specific metrics relating to the risk exposure of 3rd party technology providers, as part of the suite of metrics, to ensure the risk position is understood.

Meticulous attention to detail is crucial for accurately managing open audit points, helping to document audit actions, and accurately tracking and reporting on the status of management actions.
Organisational Skills: Strong organisational skills are necessary to effectively coordinate audit schedules, manage documentation, and prioritise tasks across the IT Department.
Clear and concise communication skills are vital for effectively liaising with internal and external stakeholders, conveying audit-related information, and facilitating collaboration across the IT Department.
Basic analytical skills are beneficial for analysing audit data, identifying trends, and generating insights to support audit reporting and decision-making processes within the Technology domain.
Confidentiality: Demonstrated ability to handle sensitive information with discretion and maintain confidentiality in accordance with organisational policies.
Proficiency in Office Software: Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) and other relevant software applications for document management, data entry, and reporting.
Technology Knowledge: Work towards a detailed understanding of Technology and cyber risk frameworks (e.g. NIST / ISO 27001 / COBIT / ITIL).


