IT Risk Manager

Role: IT Risk Consultant
Functions: Risk and Compliance
Start: Immediate
Pay rate: £600 to £650 per day (PAYE – Inside IR35)
Location: Central London – Hybrid working
Expected duration: 3 months

Our client is a global technology business. They are looking for a skilled IT Risk Consultant to support their Risk and Compliance function. The person will be responsible for overseeing the implementation of a number of Operational Resilience processes to ensure compliance against various internal polices and regulatory requirements. The role will work very closely with other global upstream and downstream business functions/teams during the design, implementation, and execution phases of the various programmes.
Key job responsibilities:

• Perform a business impact assessment (BIA’s) for key business and support functions.
• Leverage the output of the above BIA to identify and map data flow diagrams for each product, including identification of all upstream and downstream API level dependencies (including third party).
• Perform a product-based resiliency risk assessment to identify any potential vulnerabilities and to recommend effective mitigations.
• For each critical application (including API’s) identified within the BIA, support completion of IT Disaster Recovery testing procedures.
• For external third parties, develop and implement appropriate ITDR testing mechanisms to ensure compliance with DORA regulations.
• Support the Resiliency Strategy in compliance with DORA regulations.

Requirements

• Bachelor’s Degree (3 Year Degree).
• Expert knowledge of DORA/Operational Resiliency regulations and must be a proven IT resiliency practitioner.
• A minimum of 10 years’ experience in technology risk, technology audit or related field, within a financial institution, licensed money transmitter, or payments related e-commerce function.
• Expertise in BCM for cloud native institutions.
• Preferably certified in AWS Certified Solutions Architect – Associate.
• At a minimum, BCM certified under ISO 22301 or qualified BCM institute member with good understanding of IT risk and control frameworks, such as, CISA,COBIT, NIST, ISO 27001 or equivalent.