I.T. & Communications

Controls Analyst IT Domains

Not Specified

ACTIVITIES

CANDIDATES APPLYING MUST HAVE EXTENSIVE EXPERIENCE IN IT CONTROLS

Supporting the maintenance of a controls culture across the IT organisation, including continuous communication with controls operators and owners across the IT function

Engaging with control owners and operators in order to test Security and COBIT/ITIL internal controls and to improve the facilitation of testing

Reviewing, evaluating and documenting internal controls, including the adequacy of documentation and design effectiveness assessment through review of documents and meeting Control Owners

Providing stakeholders with IT Controls test results and resulting action plans

Undertaking discussions with key stakeholders on IT control testing outcomes and action plans, and ensuring risk remediation/control improvement objectives are addressed by the actions

Supporting the shaping, development, and continuous improvement of controls frameworks across the business’s core processes and systems

Performing the testing of Design, Implementation and Operational Effectiveness of Internal Controls, including those managed by third party suppliers

Supporting the preparation of (eg, draft input to) committee packs for review by the Head of IT Governance and participate in appropriate risk forums and committees Skills & Capabilities

A demonstrable track record of managing delivery in a relevant technology risk function, including knowledge of key control areas, such as: security, IT resilience, change management etc.

Knowledge of IT risk management is key, with an understanding of the wider environmental risks and threats being a huge plus

CISA qualification is an advantage

Determination of IR35 status has not yet been determined