Cripps Recruitment

IT Risk Contractor - Banking Sector - City, London, United Kingdom, EC1A2


In this contract, which could well be long-term, you will be responsible across the banking arm and securities business under a dual-hat arrangement. Under this arrangement, you will act and make decisions on behalf of both the bank and the securities business, subject to the same remit and level of authority, and irrespective of the entity which employs you.

You will be:

- Accountable for the delivery of assigned IT risk or governance related initiatives (for example, COBIT, annual IT risk evaluation, FFIEC, SOX audit, etc.)

- Responsible for ensuring high-quality deliverables for audit and risk related responses, especially when data is going outside the Systems Office

- Responsible for supporting and recommending IT process enhancements for the Systems Office team

- Responsible for tracking and reporting progress on Systems Office related audit findings and risk remediation

- Responsible for ensuring coherence of the bank's IT security policies through periodic IT control assessment and validation of the effectiveness and design of the process

- Responsible for acting as liaison to the 2nd and 3rd line functions (i.e. oversight for 2nd line of the Systems Office), which provide assurance for the Systems Office and the Bank. Additionally, acts as the liaison between any external audit parties

- Responsible for ensuring measurable remediation plans are provided for all audit and risk findings, and that detailed progress updates are provided against each finding on a monthly basis

- Responsible for reviewing system development projects to ensure each project complies with the Bank's rules, including that non-functional requirements are tested and delivered

With the ability to manage multiple tasks to tight deadlines without sacrificing quality, you can build relationships with stakeholders at all levels. Able to perform the IT control assurance review, you can communicate complex information to a variety of audiences. Often working on your own without direction, you can make sense of complex situations and rapidly prioritise issues to take effective decisions in a commercial manner.

Further requirements:

- Understands policy framework, management structures and reporting procedures for all aspects of the IT risk and governance environment

- Has proven IT audit management skills and can demonstrate how they have effectively managed audits end to end successfully

- Has proven IT risk and/or IT governance management skills. Is proficient in IT control assurance

- Has strong planning, communication (both written and oral) and presentation skills

- Able to work in a cross-cultural and cross-functional environment

- Excellent communication skills, both oral and written in English

You must have 5+ years in auditing or risk management or control quality assurance, with experience of setting up, managing and enhancing IT control in a large organisation.

- Good understanding of the Sarbanes-Oxley Act and able to validate various IT controls for compliance

- Degree educated (preferably Computer Science or another technical field from a leading university) and/or equivalent experience essential, ideally holding at least one of these certificates: CRISC, ISO9001/27001 Lead Auditor, CISM, CISA or equivalent

  • Excellent communication skills
  • Results driven, with a strong sense of accountability
  • A proactive, motivated approach
  • The ability to operate with urgency and prioritise work accordingly
  • Strong decision-making skills, the ability to demonstrate sound judgement
  • A structured and logical approach to work
  • Strong problem-solving skills
  • A creative and innovative approach to work
  • Excellent interpersonal skills
  • The ability to manage large workloads and tight deadlines
  • Excellent attention to detail and accuracy
  • A calm approach, with the ability to perform well in a pressurised environment
  • Strong numerical skills
  • Excellent Microsoft Office skills

The right candidate could start before Christmas if available.

Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and abilities to perform the duties of the job.