Technology Risk & Compliance Manager
Recruiter
Listed on
Location
Salary/Rate
Salary Notes
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
Summary
About The Security & Capability Team
Our team is responsible for providing and maintaining tools used by Tesco in order to monitor and secure our systems, while also helping our colleagues globally.
We maintain global hybrid instances of our chosen tools for SIEM, Application Performance Monitoring, Log Monitoring, Backlog Management, Identity Access Management, Service Desk, self-help portals for colleagues and incident communications. In addition to the challenges delivering this capability brings, we're also the team responsible for the security operations centre and our security architecture, working across Tesco globally to secure our systems and data! Our Technology Risk & Compliance team works tirelessly to further develop a risk aware culture and drive audit and regulatory improvements across the technology team in all Tesco countries.
We aim to provide colleagues with a great experience by providing world class tooling, processes and advice. We believe in solutions that are either self-service or invisible to the end user - that's not always easy to achieve, but it's what we strive for. With over 460,000 colleagues globally, this is an opportunity to make your mark.
Package
Package Description
We offer excellent benefits that help make Tesco a great place to work. These include but aren't limited to:
* An annual bonus scheme which you can achieve up to 3.5% of base salary
* Colleague Clubcard (including a 2nd card for a family member) after 6 months service with 10% off most purchases at Tesco
* Holiday starting at 25 days plus a personal day
* A retirement savings plan - 4%-7.5% contribution rate
* Life Assurance - 5 x contractual pay
* Buy As You Earn Scheme
* Save As You Earn Scheme
* Deals & Discounts through Tesco including Tesco Mobile & Tesco Bank
* Deals and Discounts through many other external businesses
Main Responsibilities
Main Responsibilities
The Role - Technology Risk & Compliance Manager
Whilst specific responsibilities will be dependent upon the changing needs of the Tesco business, the following provides an overview of the role's key responsibilities and measures:
* Lead, plan and conduct technology risk assessments across the Group
* Maintain the risk register to ensure it remains relevant and up to date
* Support the refinement of the Technology Risk and Compliance framework
* Advise technology teams in the design and implementation of controls.
* Track the status of both internal and external audit findings
* Monitor compliance with key controls
* Report on progress to Technology senior management and other key stakeholders
* Support Technology colleagues with queries relating to risk and compliance
Ideal Candidate
Key Skills and Experience
You'll need to have demonstrated experience of:
* IT audit/risk management, with examples of managing risk and compliance within an organisation
* Performing technical assessments and identifying Technology risks by applying business, technical and industry knowledge
* Critically assessing Technology practices such as capacity, availability and service level management, recommending improvements where necessary
* Communicating effectively to build and maintain transparent relationships with stakeholders (including Senior Management), clearly expressing ideas and concepts both verbally and in writing to effectively handle sensitive issues
* Critical thinking with strong attention to detail and follow up
* Technically competent to contribute towards the preparation and implementation of control processes, procedures and guidelines within Technology, in conjunction with company policies
* Leading, planning and conducting interviews to perform Technology risk assessments and gain an understanding of the area being reviewed
Documenting processes and key controls, highlighting risks and issues as well as suggesting improvements to match business processes and rules, reducing cost where possible
KPI and audit finding tracking, compiling and reporting with a proven ability to understand and process and interpret analytical data
* Supporting engagements with internal and external audit, to ensure their success
* At least one professional qualification such as CISA, CISM or CISSP are essential
Personal
* Flexibility, ability to plan and organise, responsiveness, creativity, self-starter
* Able to build solid working relationships with peers and senior leadership
* Ability to demonstrate strong written, verbal communication and presentation skills to all levels of seniority and disciplines within the organisation.
