IT Risk and Control Manager

Morson Talent

  • Lancashire
  • £65,000 per year
  • Permanent
  • Full-time
  • 1 month ago
  • Apply easily
Our client are one of the world’s leading independent convenience retailers with an extensive network of sites across international markets in the United Kingdom & Ireland, Continental Europe, Australia, and the United States of America.About the role...
Based in the UK within an IT Risk and Control Team, a new and exciting opportunity has arisen to work closely with UK and Global colleagues to develop IT Risk and Control capability in alignment with an established IT control framework.
The processes and controls being developed are aimed at enhancing maturity and providing enduring solutions to effectively manage technology risk.
The team currently functions as a hybrid 1st/2nd line entity, involving close collaboration with IT colleagues, Control Owners, and Operators to deliver new IT controls, assess technology risks, and continually evaluate and enhance processes, policies, and standards.
Working as part of a small but growing team, the position will be based in Lancashire with options for hybrid and remote working. This presents an excellent opportunity to join during a period of significant growth, change, and opportunity.
Duties and Responsibilities
Build relationships and become a trusted advisor to colleagues in all aspects of IT Risk and Control, serving as the go-to person for everything from general IT risk advice to control implementation on transformation projects or providing valuable support during external audit reviews.
Proactively drive IT Control implementation in accordance with IT Control framework and the Internal Controls over Financial Reporting (ICFR) Programme.
Support and manage the design, implementation, and integration of new IT controls, including those reliant on 3rd party suppliers.
Collaborate with existing IT Controls project teams and IT stakeholders to conduct deep dive assessments, plan remediation activities, and drive IT Control development to completion, including routine testing of control design and operation.
Engage with existing transformation projects to ensure they do not introduce avoidable operational risk, track remediation, and serve as a subject matter expert (SME) throughout the journey.
Assist in the creation of new or revised policies and standards for IT and ensure relevant local knowledge and support are provided as needed.
Support Control Owners and Operators through individual and group IT Risk and Control training sessions, and develop IT Risk and Control training materials as required.
Assist in developing IT risk and control reporting and support wider Group IT reporting efforts.
Collaborate with internal/external audit as needed and closely align with business colleagues. Work with different business areas and country units to meet global IT Risk Management requirements.
Lead various IT Risk initiatives and perform IT Risk Assessments as an SME, providing objective challenge and oversight to ensure IT and security controls and approaches are observed, and risks and issues identified are reported and escalated per the governance framework.
Contribute to building the IT Risk Framework utilizing best practice methodology. Promote an effective risk and control culture across the Group, fostering accountability, responsibility, and action, and acting as a risk and control ambassador to ensure best practices are shared and actions are delivered.
Proactively seek opportunities to centralize and automate controls and processes to drive efficiency.
Assist in managing and developing control management systems, such as ServiceNow, to ensure effective operation and monitoring of controls and issues.
Candidate Requirements
Minimum 4 years of experience working with or within IT internal audit/external audit teams within a big 4 or similar environment is essential. Confidence in designing IT General Controls acr

LogicMelon