Croydon Harris Global Ltd, 3rd Floor One Croydon, 12-16, Addiscombe Road, Croydon CR0 0XT
IT Risk Analyst 2022-04-14 Harris Global are currently looking for an IT Risk Analyst to join our Financial Services client in their London office. Harris Global 2022-05-14

IT Risk Analyst

London / permanent / Up to £75k per annum + bonus & benefits

Jess Field



Harris Global are currently looking for an IT Risk Analyst to join our Financial Services client in their London office. The successful candidate will support the day-to-day management of the IT Risk Management and IT Key Control frameworks. Candidates must have prior experience working across technology risk.

Responsibilities will include:

  • Maintaining the IT Risk Register and oversight of the risk profile for the IT function
  • Driving improvements to the IT risk management capability
  • Supporting stakeholders within the function to identify, assess, respond to, and report on IT risk
  • Creation of appropriate risk reporting, to facilitate risk and control discussion, and inform risk-based decision making
  • Delivering both light-touch and deep-dive IT risk assessments
  • Managing the IT Risk and Control Self-Assessment process
  • Continuous review and assessment of the impact of transformational change on the Technology control environment:
    • Perform technical IT Risk Assessments (aligned with the ISF IRAM model) on services being introduced to the BD environment, informing non-functional control requirements for new services
    • Perform light-touch and deep-dive Technology risk assessments specific to the delivery and integration of new services into the BD production environment, informing the impact of change on technology controls
  • Completing periodic IT Risk Forecasting exercises to assess technology risk exposure associated with IT Assets and deficiencies in IT Controls
  • Fostering a risk-aware culture within the IT function, ensuring adequate training and risk expertise is provided across their operations
  • Maintaining the IT key control framework
  • Performing key control testing and assurance reviews
  • Supporting the function with the internal/external audit process, ensuring all audit issues are appropriate, assigned correctly and addressed in a timely manner
  • Supporting the achievement of external accreditation such as ISO27001

Key skills:

  • CISA, CGEIT, CRISC or equivalent is expected
  • Technology Risk Management
  • IT Control Frameworks (ISO27001, NIST, CIS, ISF)
  • IT Auditing/Key Control Testing (TOD/TOE)
  • Stakeholder Management
  • Project Management
  • Excellent communication skills