At a Glance
- Tasks: Lead the design and implementation of data-driven Continuous Control Monitoring across technology and cyber risk.
- Company: Join a leading financial services firm focused on innovation and risk management.
- Benefits: Attractive salary, comprehensive benefits, flexible working options, and opportunities for professional growth.
- Other info: Dynamic role with a focus on collaboration and strategic thinking in a fast-paced environment.
- Why this job: Make a real impact by enhancing control effectiveness and driving proactive risk management.
- Qualifications: Strong understanding of IT controls, data platforms, and project management experience required.
The predicted salary is between 60000 - 75000 Β£ per year.
Overview
The role designs, implements, and operates a data-driven Continuous Control Monitoring (CCM) capability across technology and cyber risk domains.
It is accountable for partnering with control owners to identify critical technology controls for continuous monitoring, developing automated risk and control performance indicators (KCI/KRI), and establishing data pipelines and dashboards to provide near real-time insight into control effectiveness.
The role enables proactive identification of control weaknesses and emerging risks, supports regulatory compliance (DORA, SOX), and enhances the understanding and calibration of key cyber risks using industry-standard frameworks (NIST, CRI, Mitre Attack).
It supports moving from periodic control testing to continuous assurance, defines and implements the CCM framework, operating model, and roadmaps, and translates regulatory and internal control requirements into CCM use cases.
It aligns CCM with broader Technology Risk Framework, RCSA, and control testing programs.
Key responsibilities include partnering with control owners to identify key preventive and detective controls, prioritise controls based on risk criticality, audit focus, and failure impact, identify and onboard authoritative data sources (e. g.
Service Now, IAM, PAM, CI/CD, monitoring tools), design and implement automated data ingestion and transformation pipelines, enable scalable CCM through data lake / GRC tooling integration, drive reduction of manual controls and reliance on retrospective testing, and drive engagements with 2nd and 3rd lines of defence.
CCM should integrate with control testing programs and audit/regulatory assurance, enabling a shift from sample-based testing to full population monitoring and supporting evidence generation for internal and external audits.
Qualifications
- Strong understanding of IT controls, control frameworks (e. g. COBIT, NIST, CRI), and key technology risks impacting financial services.
- Background in 1LOD risk and controls, audit, or 2LOD in a technology environment.
- High level of experience with data platforms (data lakes, BI tools), control automation and monitoring tools.
- Data sourcing from platforms such as Service Now, IAM, GRC tooling, and common visualization tools.
- Project management and reporting experience.
- Personal Requirements
- Self-motivated and proactive, with the ability to balance risk with opportunity and prioritise.
- Ability to learn new technologies and tooling, particularly in relation to data analytics.
- Organised and results focused; excellent and innovative communicator able to use data to simplify complex concepts for technical and non-technical audiences.
- Demonstrates a global perspective and collaborates with technical and non-technical members.
- Think strategically with a structured, logical approach to work; able to meet tight deadlines; maintains objectivity under pressure.
- Good understanding of financial technologies and the banking environment; good understanding of technology control frameworks and regulations.
- Results-driven with a strong sense of accountability; strong decision-making skills and meticulous attention to detail.
- #J-18808-Ljbffr
Contact Details:
Mitsubishi UFJ Financial Group Recruitment Team