Risk Information Assurance & Controls Analyst

Salary: Competitive per annum

Hours: Full Time, 37.5 hours

Location: VHQ, Crawley, hybrid 3 days a week in the office

Contract: Permanent

Closing Date: 3rd July 2025

At Virgin Atlantic Airways, we believe that everyone can take on the world, and it’s our vision to become the most loved travel company. As we embark on this next exciting stage of our journey, we’re harnessing our spirit of entrepreneurship and innovation to challenge the status quo.

Virgin Atlantic is seeking a Risk, Information Assurance and Controls Analyst to strengthen risk and control management within its Technology & Transformation function. This pivotal role involves managing the full risk lifecycle, maintaining the Directorate Risk Register, and producing actionable insights for the Technology Leadership Team.

The successful candidate will collaborate closely with Information Security and Transformation teams to ensure a comprehensive view of technology-related risks and issues.

Key responsibilities include:

• Leading the Risk Findings Management Group, shaping the control framework, and supporting audit and compliance readiness.
• Maintaining the Directorate Risk Register, ensuring regular updates, ownership, and scoring.
• Using Azure DevOps and Power BI dashboards, track, manage, and escalate risks in alignment with Virgin Atlantic's risk matrix and escalation principles.
• Defining and maintaining a controls framework aligned to best practice standards such as COBIT.
• Ensuring control owners provide timely and standardised evidence for audits and developing and curating the Control & Audit Evidence Library (Red Room) to simplify audit readiness.
• Coordinating internal and external audits, ensuring resources are available and the audit scope aligns with the department's risk profile.
• Producing monthly and ad hoc reports on risk posture using Power BI, while monitoring and highlighting emerging risks across platforms to ensure proactive treatment plans are developed.

About you:

We’re looking for someone who is confident using tools like Azure DevOps and Power BI to bring risk reporting to life, turning data into clear, actionable insights that help us stay ahead. We’d also love for you to demonstrate the following:

• Hands-on experience in technology risk management, audit, or governance.
• Familiarity with industry-recognised risk and control frameworks like COBIT, ISO 27001, or NIST.
• Understanding of how IT operations work from service delivery and managing ageing systems to tackling technical debt.
• Proven experience using tracking and reporting tools like Azure DevOps and Power BI.
• You’re a natural facilitator and communicator, with the ability to bring people together and keep things moving.
• If you’ve worked with audit cycles or supported evidence gathering for controls, that’s a big plus.

If this sounds like you, we would love to hear from you!

At Virgin Atlantic, our leaders empower teams to thrive through collaboration, innovation, and excellence. Explore our Leadership Recipe and discover the 20 core ingredients that define what it means to lead with us, driving our mission to be the most loved travel company and achieve sustainable profit.

Our customers come from all walks of life and so do our colleagues. That’s why we’re proud to be an equal opportunity employer and actively encourage applications from all backgrounds. At Virgin Atlantic, we believe everyone can take on the world - no matter your age, gender, gender identity, gender expression, ethnicity, sexual orientation, disabilities, religion, or beliefs. We celebrate difference and everything that makes our colleagues unique by upholding an inclusive environment in which we can all thrive.

To make your journey with us accessible and individual to you, we encourage you to let us know if you’d like a little extra help with your application, or if you have any individual requirements at any stage along your recruitment journey. We are here to support you, so please reach out to our team.