Risk & Policy Analyst

Job type:
Start date:
6.0 months
SidTech LTD
Published at:
flag_no United Kingdom
Project ID:

This project has been archived and is not accepting more applications.
Browse open projects on our job board.
Risk & Policy Analyst Profile Required-Glasgow

Job Description:

The Resources will be based in Glasgow, UK
Seniority level: Manager

The Role's responsibilities include:
  • Lead a program of transformational change that will integrate the Technology risk assurance processes from 4 different acquisitions into Banks Understand, interpret current state across all acquisitions of Technology Risk assurance processes and architect an interim and target operating model.
  • Perform indepth analysis of controls landscape across all acquired companies Communicate important information and insights to business and IT stakeholders on both Bank and its acquired business equivalents.
  • Indepth business analysis and mapping of controls, making recommendations to adapt existing business strategies
  • Participation in Transformation Squads working within the AGILE framework.
  • Working knowledge of key Technology concepts eg data classification, protection, policies, governance, privacy, security assessment tools Understanding of key concepts related to risk assessment and controls
  • Engages in process based thinking to effectively obtain, analyze and interpret information, identify root causes of problems, and draw the appropriate conclusions
  • Working knowledge of technology applications and can identify and validate risk and controls Understanding of the relevant local technology risk regulations and the associated application to a financial services business
Desired Skills and Competencies
  • Excellent written and verbal communication skills.
  • Good organizational skills; a high degree of attention to detail and ability to manage multiple priorities
  • Business/Product Knowledge: Familiarity and experience with electronic trading platforms is a strong plus, but is not required

Education, Background & Experience Required

Education: Bachelor's degree

  • A minimum of 5 years of relevant risk experience from roles in any of the following:
  • Audit (internal or external)
  • Risk Officer/Information Security Officer
  • Technology Risk Governance
  • Risk Assessment (eg, RCSA)
  • Control Testing (eg, SOX)
  • Information Security/IT Security (eg, Entitlements Management, Segregation of Duties, Threat Management, Penetration Testing, Strategy)
  • Regulatory (eg, working as a financial services regulator or having experience dealing with regulators)
  • Technology/Information Security Policy/Procedures
  • Process/Risk/Control Frameworks, eg, COBIT
Qualifications Desired
  • Certifications: Attainment of the following certifications is a strong plus, but not required
  • Certified Information Systems Auditor (CISA)
  • Certified in Governance for Enterprise IT (CGEIT)
  • Certified Internal Auditor
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified in Risk and Information Systems Control (CRISC)
  • ISO 27001 Auditor