IT Risk and Governance Analyst - Sanderson : Job Details

Who are Diligenta?

Diligenta's vision is to be acknowledged as Best in-class Platform based Life and Pensions Administration Service provider. Customer service is at the heart of everything we do and our aim is to transform our clients' operations. A business that has been described as 'home' by existing employees, we drive a culture that is founded on positive change and development.

Summary of the role

Due to recent growth, we are looking an IT Risk and Governance Analyst to play a pivotal role within our Information & IT Security function. This role is essential to fostering a proactive, controlled environment through risk management, IT governance, and security compliance. Working alongside IT operations, you'll identify emerging cyber risks, ensure best-in-class risk assessment, and uphold compliance standards that protect our organisation.

Benefits

• 33 days including Bank Holidays
• Eligibility for an annual discretionary bonus scheme
• Personal and career development opportunities to progress your aspirations within the company as well as through our global parent company (Tata Consultancy Services)
• Access to Perks at Work (an online discounted shopping platform) saving you money on a wide range of goods and services, including your weekly food shop, holidays and electrical goods
• Cycle to Work Scheme & Interest free Season Ticket loans
• A companywide Wellbeing programme, including an Employee Assistance Programme and other benefits/resources to support your mental/physical and financial wellbeing
• A comprehensive set of Moments that Matter policies, such as Carer's Leave, Foster Leave and Retirement Leave
• A contributory company pension scheme where we match your contributions up to 6%, Group Life Assurance ('Death in Service") & Group Income Protection
• Apply to find out about our other benefits

What you'll be doing

• Identifying the emerging cyber security risks along with IT operation team
• Reviewing and approving the risk assessment documents
• Developing and maintaining the risk assessment and risk management procedure
• Maintaining cybersecurity risk register and cyber security risk lifecycle
• Studying the ISO, NIST risk standards and adopting the recommendation in risk management procedure
• Supporting third-party risk assessment procedure
• Defining the risk tolerance statement for risk mitigating controls

What we're looking for

• Must have successfully conducted IT risk assessment against one or more best practice frameworks in a large and complex environment
• Must have sufficient experience to be able to review security controls, including assessing whether control exceptions are material and challenging evidence from control owners
• Hands-on experience on control testing experience in various infrastructure and cloud technologies
• Strong analytical and interpersonal skills
• CRISC, CISA or CISM certified (desirable)
• ISO27001 Lead Auditor/Lead Implementor (desirable)

If you need any help or adjustments for any stage within the recruitment process due to health, disability, or any other reason, please let us know.

Ready to take the next step in your career? Apply today and become part of our innovative team!