IT Risk Analyst | Barclay Simpson


Applications have closed

IT Risk Analyst

  • London/WFH
  • £550 per day (umbrella)

IT Risk Analyst required for non-profit organisation. The role is to support the Chief Information Security Office (CISO), CTO and Head of technical projects and change in the collation and management of IT risks; drive focus and prioritization within the IT organization through establishing an appropriate risk framework including governance principles and processes.


IT Audit & Risk Management Function

  • Own the IT Risk Management process, including facilitating IT management to ensure all risks are updated monthly, and producing the necessary Risk Reporting to the various governance bodies across the organization, ensuring a pragmatic and quality approach and ensuring that CAF meets its regulatory obligations.
  • Conduct Quarterly risk administration & updates.
  • Track, update and manage outstanding Risk Acceptances and mitigating controls therein.
  • Track live risk and audit items and actions, including chasing action updates.
  • Own the overall Risk portfolio, conduct regular risk brainstorming activities and support on Risk Assessments
  • Own the IT Audit processes, including organizing and facilitating live audits, prioritizing, and sponsoring outstanding audit actions and reporting the audit position to the various governance bodies across the organization, ensuring a pragmatic and quality approach and ensuring that CAF meets its regulatory obligations.
  • Be a conduit for all audit activities which impact the IT department, this includes any follow-on actions.

IT Continuous Process Improvement

  • Identify, plan, manage and drive opportunities for improving efficiency and effectiveness cross functionally, through the Continuous Improvement Plans to help mitigate risks.
  • Undertake the management of the above work items or process improvement activities within the department to improve operational processes, culture, morale, and service/project delivery.
  • Organize and support continuous improvement activities to improve team skills and enhance knowledge development of risk management within IT.  Act as “go to” management support for risk management activities and initiatives, general process knowledge and strategies for employees at all levels.
  • Support the development and maintenance of IT policies, procedures, methodologies, and governance — as well as performance management frameworks and metrics — to ensure the IT organization delivers value to the enterprise and mitigates risk.

IT Statistical Reporting

  • Work with Senior Management to define, develop and maintain overarching metrics to clearly articulate IT performance in both the business and operational context; analyze results and develop improvement plans.  Identify and implement metrics to evaluate the effectiveness of process improvements.

IT Business Continuity

  • Support Senior Management in ensuring that robust contingency and business continuity plans are in place for the IT services and that these are coordinated with and support the business’s continuity plans.

As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and have expert knowledge of Information Security Risk.  You will also have a proven track record of successful delivery in a similar role.

We seek individuals from a diverse talent pool and encourage applicants from underrepresented groups to apply to our vacancies. Our commitment to fair recruitment processes means that we welcome applicants from all backgrounds, regardless of their lived experience or personal characteristics. We also invite applicants who meet most of the listed requirements, even if not all, to apply. If you require any adjustments to the application process, please let us know.

Barclay Simpson acts as an Employment Agency for permanent positions and an Employment Business for temporary/contract engagements.

Jeff Mayger

Principal Consultant

View my profile Looking to hire?

Other jobs I manage