SCUK Senior IT Risk & Governance Analyst

This job is with Santander UK, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community.

SCUK Senior IT Risk & Governance Analyst

Country: United Kingdom

Santander Consumer Finance UK (SCUK) is based in Redhill, Surrey and provides motor finance to a network of dealerships throughout the United Kingdom. An exciting opportunity has arisen to join our IT team as a Senior IT Risk & Governance Analyst. This is a key role to support the eCISO, IT Risk & Governance Manager and be a trusted partner and advisor to key stakeholders regarding governance, controls, cyber, information security, and IT risk. Please note this role is a hybrid role with at least 3 days a week in the Redhill office. Remote workers will not be considered.

Responsibilities will include:

• Manage IT & Cyber Risk portfolio and drive continuous improvements and help shape procedures with a focus on improving working practices and reducing risk.
• Partnering with 2LoD to manage expectations and improve on data quality results.
• Managing risk impacts and ensure mitigations are in place and regularly assessed.
• Produce reports for relevant SCUK business stakeholders to have the appropriate visibility of core tasks.
• Deal with or escalate any identified risks in relation to Santander Consumer risk policies and/or legislative and regulatory guidelines in accordance with the Santander UK group risk framework.
• Manage and report KRI information for IT to promote effective monitoring.
• Ensure that KRI are aligned with the requirements of HQ in Spain and that adequate action plans are in place for those that are out of appetite.
• Provide assurance on existing IT Risk and controls in line with internal requirements.
• Ensure that the IT leadership Team (ITLT) have effective standards, policies, processes and procedures suitable for the SCUK business. Ensure these are regularly reviewed, approved and stored in a central repository for ease of reference and consumption and that all staff have been appropriately trained in their use.
• Plan and manage the embedding of a capability and maturity culture to drive continuous improvement across the IT department.
• Working with Internal and External audit team to review evidence and track remediation of identified issues.
• Manage logging of risk events, identify patterns of failures or gaps in risk events and ensure there is remediation plan that is tracked to completion.
• Plan and manage local Ethical Phishing campaigns and ensure the results (or both local and Group) campaigns are followed up on, shared and reported to the relevant people in line with SCUK consequence management process. Develop and implement any required action plans to address identified issues.
• Design, plan and publish relevant and up to date cyber awareness articles on SCUK local intranet ensuring alignment with SanUK.
• Create an ongoing plan to execute cyber awareness training for all new starters and for those who need a refresher. Keep a register of those who have participated and follow-up on those who do not attend.
• Assist the eCISO, IT Risk & Governance Manager in producing the monthly reporting for all the relevant committees and forums.
• Adhering to our commitment to Consumer Duty ensuring we put our Customers' needs first and set higher and clearer standards of consumer protection.

What we're looking for:

• Significant practical experience in a similar role with demonstrable experience of developing, implementing, managing, and monitoring, tailor-made controls adapted to the organisation served.
• Proven experience and ability in dealing with staff at all levels of a similar sized organisation or larger.
• Excellent written and verbal communications skills.
• Excellent emotional intelligence, influencing and collaboration skills.
• Excellent presentation skills.
• Ability to feedback on governance, risk, cyber and compliance issues in a structured manner and adapt good practice to meet the needs of the SCUK business.
• Proven experience of confidently delivering Risk & Cyber Security Training to staff.
• Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives.
• Ability to adjust to changing priorities while multitasking effectively.
• Flexible and adaptable; able to work in ambiguous situations.
• Solid work ethic with attention to detail and commitment to results.
• Confident and effective problem solver and decision maker.
• Advanced Microsoft Excel skills to enable the creation and production of regular complex analysis and reporting for key stakeholders.
• Extensive practical knowledge of the implementation and continuous use of the COBIT Maturity Framework.
• Industry standard qualifications in IT control and audit frameworks such as COBIT, CRISC, ISO2700X, ITIL.

We have a range of benefits available which include:

• Competitive salary of £62,000 - £68,000 dependent on experience.
• 30 days holiday per annum, plus bank holidays.
• Annual bonus based on personal and company performance.
• £6000 Car allowance.
• Private Medical Insurance.
• Generous pension contributions.
• Employee assistance programme.
• Sharesave scheme.
• Gym passes at a reduced rate for 3,000 gyms, leisure centres etc.

Inclusion At Santander we're creating a thriving workplace where all colleagues feel they belong and are supported to succeed. We all help to make Santander a workplace that celebrates diversity and attracts, retains and develops the most talented and committed people through living our values of Simple, Personal, and Fair. At Santander Consumer Finance we have a zero-tolerance approach to discrimination, bullying, harassment (including sexual) or victimisation of any kind.

What are the next steps:

If you are interested in this role and believe you have the skills, experience, and knowledge then we'd love to hear from you. Please go ahead and click apply which will take you through some questions and allow you to submit your CV and covering letter.