At a Glance
- Tasks: Lead IT risk assessments and develop controls to mitigate technology risks.
- Company: Join a dynamic team in the heart of London focused on technology risk management.
- Benefits: Enjoy hybrid working, competitive salary, excellent bonuses, and comprehensive benefits.
- Why this job: Be part of a crucial function that shapes risk management and impacts business success.
- Qualifications: Experience with NIST, ISO27001, COBIT, or ITIL is essential.
- Other info: Opportunity for growth in a fast-paced environment with a focus on innovation.
The predicted salary is between £40,000 and £60,000 per year.
IT Risk & Controls Analyst
£50 – 60,000 + Excellent Benefits + Excellent Bonuses
City of London office, Hybrid working
The IT Risk & Controls Analyst (NIST, ISO27001, COBIT, ITIL) will play a key part in the Technology Risk Management function, supporting the Head of Technology Risk. The role holder will form a crucial component in the establishment of an enhanced risk management framework and, beyond that, will identify and assess potential risks across Technology, as well as ensuring a comprehensive approach to risk mitigation.
Lead and conduct comprehensive IT risk assessments to identify potential threats and vulnerabilities within the organization's Technology infrastructure.
Develop, implement, and monitor effective controls to mitigate identified IT risks, ensuring alignment with industry best practices and regulatory requirements.
Collaborate with cross-functional teams to ensure Technology risk management practices are integrated into all business processes and projects.
Provide expert advice and assurance on IT controls to support compliance with internal policies and external regulations.
Prepare detailed reports and presentations on IT risk assessment findings and control effectiveness for senior management and stakeholders.
Technology Risk Taxonomy & Register: Identify the Technology risks faced by the organization that give rise to potential disruptions, failures, or adverse impacts on business processes arising from the use, adoption or reliance on technology including hardware, software, networks and information systems.
RCSA Process: Provide support to both Operational Risk and the Business in identifying their key risks and assessing the effectiveness of the key controls, enabling them to understand the risk in pursuing their strategic and business objectives and the overall risk profile.
Controls Assurance Testing: Provide oversight and challenge to the business as part of their evaluation of the design and operation of their controls to ensure they are functioning as intended to mitigate risks.
Third Party Risk Management (TPRM) Due Diligence: Work closely with TPRM to identify, monitor and report on the technology risk related aspects of Technology provided to the organization by third parties.
Risk Scenario Analysis and Monitoring: Provide input into the identification, development, testing and remedial actions of risk scenarios that could pose potential threats to the organization’s continuity.
Risk Acceptance and Exceptions: Review and approve (or decline) exception requests submitted where there is anticipated non-compliance with a control, standard or policy.
Risk Register Monitoring: Maintain and update a register of Technology-related risk events, incidents, audit findings, exceptions, etc. Work with responsible areas to assess these, develop action plans, identify owners and track through to completion.
Continuous Controls Monitoring: Drive the implementation and embedding of ongoing (and where possible automated) assessment of control effectiveness by the business to provide real-time insights.
Work towards a detailed understanding of Technology and cyber risk frameworks (e.g. NIST / ISO27001 / COBIT / ITIL).
IT Risk & Controls Analyst employer: Proprius Recruitment
Contact Detail:
Proprius Recruitment Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Risk & Controls Analyst
✨Tip Number 1
Familiarize yourself with the key frameworks mentioned in the job description, such as NIST, ISO27001, COBIT, and ITIL. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the IT risk management field. Attend industry events or join online forums where you can connect with others who work in similar roles. This can provide valuable insights and potentially lead to referrals.
✨Tip Number 3
Stay updated on the latest trends and threats in technology risk management. Being knowledgeable about current issues will allow you to speak confidently about how you can contribute to the organization’s risk mitigation strategies.
✨Tip Number 4
Prepare to discuss specific examples from your past experience where you successfully identified and mitigated IT risks. Real-life scenarios will showcase your expertise and problem-solving skills, making you a strong candidate for the position.
We think you need these skills to ace IT Risk & Controls Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in IT risk management, controls, and frameworks like NIST, ISO27001, COBIT, and ITIL. Use specific examples to demonstrate your expertise in conducting risk assessments and implementing controls.
Craft a Strong Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Discuss how your skills align with the responsibilities outlined in the job description, particularly your experience with technology risk management and compliance.
Highlight Relevant Certifications: If you have certifications related to IT risk management or cybersecurity (such as CISA, CISSP, or CRISC), be sure to mention them prominently in your application. This can set you apart from other candidates.
Prepare for Technical Questions: Anticipate technical questions related to risk assessment methodologies and control frameworks during the interview process. Be ready to discuss your approach to identifying and mitigating IT risks in detail.
How to prepare for a job interview at Proprius Recruitment
✨Understand the Risk Management Frameworks
Familiarize yourself with key frameworks like NIST, ISO27001, COBIT, and ITIL. Be prepared to discuss how these frameworks can be applied in real-world scenarios and how they relate to the role of an IT Risk & Controls Analyst.
✨Prepare for Technical Questions
Expect questions that assess your knowledge of IT risk assessments, controls assurance testing, and third-party risk management. Brush up on your technical skills and be ready to provide examples from your past experiences.
✨Showcase Your Collaboration Skills
This role requires working with cross-functional teams. Be ready to share examples of how you've successfully collaborated with different departments to integrate risk management practices into business processes.
✨Demonstrate Analytical Thinking
Highlight your ability to identify potential risks and vulnerabilities. Prepare to discuss how you would approach risk scenario analysis and monitoring, and provide insights into how you would maintain a risk register.