Risk and Controls Manager

Job Title: Risk and Controls Manager
Contract Type: Permanent
Location: Brighton, East Sussex
Salary: £57000 - £65000 per annum
REF: VHU001_1562081297
Contact Name: Vinny Hughes
Job Published: 4 months ago

Job Description

This will be a senior role in a team responsible for all aspects of Risk Management and IT Controls, including risk assessments, planning, documentation, testing of IT Controls, and any follow-ups to ensure mitigation of any failures and weaknesses. The role will report to the Head of IT Governance and will support the continuous development of a new first line IT risk and internal control framework across the entire IT function.

Lead the shaping, development and continuous improvement of the controls and risk frameworks across the business's core processes and systems

Lead the regime for the testing of Design, Implementation and Operational Effectiveness of Internal Controls, including those managed by third party suppliers, and controls self-assessment

Lead discussions with key stakeholders on IT control testing outcomes and action plans, and ensure risk remediation/control improvement objectives are addressed by the actions

Support the business in maintaining a forward view of risk, performing risk identification activities, and ensuring appropriate controls are in place. Track significant risk management/mitigation initiatives/programmes and represent the team on relevant steering committees and working groups

Lead preparation for (e.g. draft input to) committee packs for review by the Head of IT Governance and participate in appropriate risk forums and committees

Act as a key advocate for a controls culture across IT, including leading the engagement with second line risk management, controls stakeholders across the business, and with internal and external auditors

Good practical experience of managing delivery in a relevant technology / technology risk function, including knowledge of key control areas such as security, IT resilience, change management, etc.

Experience of IT risk management and an understanding of the wider environmental risks and threats is a must.