Senior IT Risk & Governance Analyst
Santander Consumer Finance UK (SCUK) is based in Redhill, Surrey and provides motor finance to a network of dealerships throughout the United Kingdom. An exciting opportunity has arisen to join our IT team as a Senior IT Risk & Governance Analyst. This is a key role to support the eCISO, IT Risk & Governance Manager and be a trusted partner and advisor to key stakeholders regarding governance, controls, cyber, information security, and IT risk. Please note this role is a hybrid role with at least 3 days a week in the Redhill office. Remote workers will not be considered. Responsibilities will include: Manage IT & Cyber Risk portfolio and drive continuous improvements and help shape procedures with a focus on improving working practices and reducing riskPartnering with 2LoD to manage expectations and improve on data quality resultsManaging risk impacts and ensure mitigations are in place and regularly assessedProduce reports for relevant SCUK business stakeholders to have the appropriate visibility of core tasksDeal with or escalate any identified risks in relation to Santander Consumer risk policies and/or legislative and regulatory guidelines in accordance with the Santander UK group risk frameworkManage and report KRI information for IT to promote effective monitoringEnsure that KRI are aligned with the requirements of HQ in Spain and that adequate action plans are in place for those that are out of appetiteProvide assurance on existing IT Risk and controls in line with internal requirementsEnsure that the IT leadership Team (ITLT) have effective standards, policies, processes and procedures suitable for the SCUK business. Ensure these are regularly reviewed, approved and stored in a central repository for ease of reference and consumption and that all staff have been appropriately trained in their usePlan and manage the embedding of a capability and maturity culture to drive continuous improvement across the IT departmentWorking with Internal and External audit team to review evidence and track remediation of identified issuesManage logging of risk events, identify patterns of failures or gaps in risk events and ensure there is remediation plan that is tracked to completionPlan and manage local Ethical Phishing campaigns and ensure the results (or both local and Group) campaigns are followed up on, shared and reported to the relevant people in line with SCUK consequence management process. Develop and implement any required action plans to address identified issuesDesign, plan and publish relevant and up to date cyber awareness articles on SCUK local intranet ensuring alignment with SanUKCreate an ongoing plan to execute cyber awareness training for all new starters and for those who need a refresher. Keep a register of those who have participated and follow-up on those who do not attendAssist the eCISO, IT Risk & Governance Manager in producing the monthly reporting for all the relevant committees and forumsAdhering to our commitment to Consumer Duty ensuring we put our Customers’ needs first and set higher and clearer standards of consumer protection What we’re looking for: Significant practical experience in a similar role with demonstrable experience of developing, implementing, managing, and monitoring, tailor-made controls adapted to the organisation servedProven experience and ability in dealing with staff at all levels of a similar sized organisation or largerExcellent written and verbal communications skillsExcellent emotional intelligence, influencing and collaboration skillsExcellent presentation skillsAbility to feedback on governance, risk, cyber and compliance issues in a structured manner and adapt good practice to meet the needs of the SCUK businessProven experience of confidently delivering Risk & Cyber Security Training to staffDemonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiativesAbility to adjust to changing priorities while multitasking effectivelyFlexible and adaptable; able to work in ambiguous situationsSolid work ethic with attention to detail and commitment to resultsConfident and effective problem solver and decision makerAdvanced Microsoft Excel skills to enable the creation and production of regular complex analysis and reporting for key stakeholdersExtensive practical knowledge of the implementation and continuous use of the COBIT Maturity FrameworkIndustry standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ISO2700X, ITIL We have a range of benefits available which include: Competitive salary of £62,000 - £68,000 dependent on experience30days holiday per annum, plus bank holidaysAnnual bonus based on personal and company performance£6000 Car allowancePrivate Medical InsuranceGenerous pension contributionsEmployee assistance programmeSharesave schemeGym passes at a reduced rate for 3,000 gyms, leisure centres etc Inclusion At Santander we’re creating a thriving workplace where all colleagues feel they belong and are supported to succeed. We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair. At Santander Consumer Finance we have a zero-tolerance approach to discrimination, bullying, harassment (including sexual) or victimisation of any kind. What are the next steps: If you are interested in this role and believe you have the skills, experience, and knowledge then we’d love to hear from you. Please go ahead and click apply which will take you through some questions and allow you to submit your CV and covering letter.
read more