IT Risk and Governance Analyst
Who are Diligenta?

Diligenta's vision is to be acknowledged as Best in-class Platform based Life and Pensions Administration Service provider. Customer service is at the heart of everything we do and our aim is to transform our clients' operations. A business that has been described as 'home' by existing employees, we drive a culture that is founded on positive change and development.

Summary of the role

Due to recent growth, we are looking for an IT Risk and Governance Analyst to play a pivotal role within our Information & IT Security function. This role is essential to fostering a proactive, controlled environment through risk management, IT governance, and security compliance. Working alongside IT operations, you'll identify emerging cyber risks, ensure best-in-class risk assessment, and uphold compliance standards that protect our organisation.

Benefits

- 33 days including Bank Holidays
- Eligibility for an annual discretionary bonus scheme
- Personal and career development opportunities to progress your aspirations within the company as well as through our global parent company (Tata Consultancy Services)
- Access to Perks at Work (an online discounted shopping platform) saving you money on a wide range of goods and services, including your weekly food shop, holidays and electrical goods
- Cycle to Work Scheme & Interest free Season Ticket loans
- A companywide Wellbeing programme, including an Employee Assistance Programme and other benefits/resources to support your mental/physical and financial wellbeing
- A comprehensive set of Moments that Matter policies, such as Carer's Leave, Foster Leave and Retirement Leave
- A contributory company pension scheme where we match your contributions up to 6%, Group Life Assurance ('Death in Service') & Group Income Protection
- Apply to find out about our other benefits

What you'll be doing

- Identifying the emerging cyber security risks along with the IT operations team
- Reviewing and approving the risk assessment documents
- Developing and maintaining the risk assessment and risk management procedure
- Maintaining the cybersecurity risk register and cyber security risk lifecycle
- Studying the ISO and NIST risk standards and adopting their recommendations in the risk management procedure
- Supporting the third-party risk assessment procedure
- Defining the risk tolerance statement for risk mitigating controls

What we're looking for

- Must have successfully conducted IT risk assessment against one or more best practice frameworks in a large and complex environment
- Must have sufficient experience to be able to review security controls, including assessing whether control exceptions are material and challenging evidence from control owners
- Hands-on control testing experience in various infrastructure and cloud technologies
- Strong analytical and interpersonal skills
- CRISC, CISA or CISM certified (desirable)
- ISO27001 Lead Auditor/Lead Implementor (desirable)

If you need any help or adjustments for any stage within the recruitment process due to health, disability, or any other reason, please let us know.

Ready to take the next step in your career? Apply today and become part of our innovative team!