Senior IT Risk Specialist

This job has now expired please search on the home page to find live IT Jobs.

Senior IT Risk Specialist

IT Risk / Risk Management / IT Security / Information Security / Warwick / Permanent

My client, a well known and industry leading organisation is looking for an experienced Senior IT Risk Specialist to join their growing IT Security and Risk Team at head office in Warwick.

The Senior IT Risk Specialist will provide support to IT Delivery Centres in order to support and advise them, and challenge and monitor (through metrics and assessments) the way that risks are managed, controls are implemented and findings are addressed.

You will take the lead in improving processes and coaching more junior members of the team and reviewing their work. This is a 2nd line of defence role within the 3 lines of defence model for Risk Management.

Key Responsibilities:

*To provide on-going support, advice and challenge for 1st line of defence. Build knowledge of, and good working relationships with, assigned delivery centres.

*To be an SME on specific risks and related controls in providing such advice and support.

*To work with the IT delivery centres and other Technology Risk and Security teams to evolve Risk Universe and Control Framework to address identified weaknesses and emerging threats.

*To assess the effectiveness of controls through the creation of KPIs/KRIs, analysis of metric data and by conducting assessments.

*To ensure risks are accurately articulated and appropriate business and IT approval is sought where risks are being accepted or exceptions are being granted.

*Work with the 1st line of defence to identify risk event root causes and remediation plans.

*To manage risks, controls and findings within the eGRC tool.

*To act as a role model for and coach more junior members of the team.

*To review work done by other members of the team as part of defined QA processes.

Key Skills and Experience required:

*Demonstrable experience in managing information systems or information/cyber security risk according to an industry standard approach.

*Experience auditing IT systems using a range of standards, frameworks and regulations.

*Knowledge of the 3 Line of Defence model for Risk Management.

*Able to demonstrate a high degree of credibility and influence senior stakeholders within the organisation.

*Ability to communicate effectively both orally and in writing.

*Excellent knowledge of information/cyber security and related principles.

*Thorough knowledge of IT and information/cyber security controls.

*Self-motivated, able to deliver with minimal supervision, and always aware of the "bigger picture".

*Any formal information security certifications such as; CISA, CRISC, CISSP, CISM or CEH would be preferred.

This is a fantastic opportunity to join and established and well know organisation as they embark on an exciting period of change. The salary on offer is £50,000 - £60,000 plus a comprehensive company benefits package including; generous bonus scheme, flexible working and great pension scheme to name a few.

Pleas apply ASAP to be considered.

IT Risk / Risk Management / IT Security / Information Security / Warwick / Permanent

Spring acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Spring Group UK is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Spring. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: www.spring.com/candidate-privacy-information-statement