IT Compliance Analyst

We are looking for an IT Compliance Analyst to support the IT Compliance Manager and assist with the implementation and running of a best practice IT General Control Framework. This will deliver continual improvements in support of Audit and Risk management. As part of the Information Security team, a focus will be on the implementation, running, monitoring and reporting on effective security and other IT controls and processes.

• Work with the IT Audit & Compliance manager in delivering a Controls Framework
• Produce regular KPI reporting on IT Audit and Compliance activities and the overall programme’s status
• Own coordination of the ongoing compliance monitoring, awareness training and testing.
• Coordinate, execute and oversee key controls and processes.
• Track and manage continual improvement activities across IT Audit and Compliance programmes.
• Assist in the definition, documentation and maintenance of security baselines, standards, policy and procedures in conjunction with relevant IT teams
• Maintain and take ownership of IT Audit Findings log and track actions to completion
• Provide expert assistance and consultancy to all other IT teams, in line with best practice and to meet business requirements
• Ensure any ad-hoc audit work required is completed in a timely manner
• Automate compliance checking of agreed standards, policy and controls
• Support the IT Production Heads in matters relating to IT & Audit Compliance

• Knowledge of applicable regulatory policies, standards, procedures and controls (ISO27001/SOC/MAS TRM/BAIT/CIS/NIST/Cyber Essentials etc.)
• Understanding of IT standards, best practices for information and IT security and applicable laws and regulations
• Previous Experience in a Compliance, Risk Management, Internal Audit or External Audit role
• Experience of working in a Regulated Environment (Financial Services)
• Experience of Security controls, processes and governance desirable (e.g. access recertification)
• Documenting, reviewing and reporting, must have excellent written communication skills and good experience of working with Microsoft Office
• Competence using Excel, and IT tools, basic scripts to process information efficiently (e.g. csv data, comparisons, reporting)
• Confidence to engage with audiences remotely (i.e. via Teams) as well as engaging face-to-face with smaller groups and senior stakeholders
• Enjoys self-learning/teaching and problem-solving with a strong attention to detail
• Some experience in environments where they are required to perform a wide range of types of tasks from week-to-week (e.g. start-up or small organisation experience) – perhaps looking to move into a larger organisation