Head of IT Governance, Risk and Compliance

This job has now expired please search on the home page to find live IT Jobs.

Head of IT Governance, Risk and Compliance

A leading financial services corporation is searching for an experienced Head of IT Governance, Risk and Compliance (GRC) to lead/enhance our client's IT GRC framework managing a team of risk managers working with IT, Data, and Cyber security functions.

The chosen candidate will be integral to our client's IT risk management framework by ensuring enterprise-level risk policies, processes, and controls are in place and relevant to mitigate risk and comply with applicable legislation and regulations. This permanent role is paying up to £90,000 per annum + excellent benefits + 25% bonus + to be based in Chatham or Wolverhampton 3 x PW.

Core responsibilities:

• Oversee the management of IT risks, including the development of risk mitigation strategies.
• Manage and develop the IT GRC team ensuring team engagement and career development objectives are met.
• Coordinate activities to monitor and assess the risk on an ongoing basis. Working closely with the IT department to develop, and monitor policies and standards in compliance with applicable policy & regulations.
• Ensure IT processes follow and comply with all relevant laws, regulations, and standards such as GDPR.
• Develop and maintain a comprehensive library of controlled IT policy and processes.
• Drive horizon reviews to support the business compliance obligations.
• Oversee and develop the Risk and Control Self-Assessment (RCSA) annual testing plan.
• Review and approve assurance reports before publication.
• Coordinate internal and external audit reviews, including regular updates on activity to manage items to an acceptable closure.
• Deliver services in line with the Enterprise Risk Framework to manage IT GRC activities, including reviewing data, and preparing & finalising governance packs.
• Representing IT GRC as the key person responsible for the presentation of IT GRC information at the relevant committee groups.

• Experience designing and implementing IT Risk management frameworks is essential
• Strong leadership capabilities primarily within an IT Risk Function are essential.
• Recent domain exposure to the financial service market at an enterprise level is essential
• Detailed knowledge of the key aspects of GRC frameworks is essential
• Experience in IT and Cyber risk is essential
• Detailed knowledge of compliance, legal, and regulatory requirements within the financial services sector is essential.
• An operational risk and compliance qualification such as ERM or CORM is essential.