Tech Risk Analyst

Job Description

What's in it for you

Being a part of M&S is exactly that - playing your part to bring the magic of M&S to our customers every day. We're an inclusive, dynamic, exciting, and ever evolving business built on doing the right thing and bringing outstanding quality, value, service to every customer, whenever, wherever and however they want to shop with us.

Here are some of the benefits we offer that make working for M&S just that little bit more special...

1. After completing your probationary period, you'll receive 20% colleague discount across all M&S products and many of our third-party brands for you and a member of your household.
2. Competitive holiday entitlement with the potential to buy extra holiday days!
3. Discretionary bonus schemes awarded based on how you achieve your personal objectives and our performance as a business.
4. A generous Defined Contribution Pension Scheme and Life Assurance.
5. A dedicated welcome to our teams with a tailored induction and a wide range of training programmes to develop your skills.
6. Amazing perks and discounts via our M&S Choices portal to maximise your financial and personal wellbeing.
7. Industry-leading parental, adoption and neonatal policies, providing support and flexibility for your family.
8. Access to a fantastic range of wellbeing support for all colleagues including access to our 24/7 Virtual GP and PAM Assist to support you and your family.
9. A charity volunteer day to support a charity or cause you're passionate about through a dedicated day away from work.

What you'll do

As the Technology Risk Analyst you will be responsible for carrying out the risk management activities, to ensure that it operates within D&T's Risk Framework, M&S's Enterprise Risk framework, regulatory requirements and best practice standards, maintaining the integrity and resilience of M&S's Technology systems. You will:

1. Identify and assess technology-related risks that could potentially impact M&S's Technology operations, reputation, or financial stability in the context of the Retail industry's evolving landscape.
2. Conduct detailed risk assessments for ongoing and new technology initiatives, including projects related to digital transformation, software development, and IT infrastructure upgrades. Evaluate the effectiveness of existing controls and identify areas where Risk mitigation measures need to be enhanced.
3. Develop and recommend Risk mitigation measures. Collaborate with technology and business units to ensure that Risk mitigation measures are practical, cost-effective, and aligned with business objectives.
4. Prepare comprehensive Risk reports and documentation that detail findings from risk assessments, analyses, and compliance monitoring activities.
5. Actively engage with various Product and Platform partners across D&T, to promote a strong risk-aware culture within the organisation. Act as a key point of contact for Technology Risk inquiries and provide SME support.

Who you are

1. Experience of IT Governance Frameworks and the application of Technology Risk standard methodologies and Risk Standards (ISO 31000, ITIL, COBIT, IS27001 COSO, NIST, SOX etc)
2. A track record as a control practitioner in managing digital/technology controls (experience in managing Cloud and Data technology controls is highly desirable)
3. Experience in Technology audit, Risk management, or IT compliance within a large and sophisticated organisation, preferably in the retail sector or a related industry.
4. Proficiency in implementing, and supporting Technology Risk and Control Assessments, including experience with audit software and tools, and the ability to provide assurance on the effectiveness of remediation efforts.
5. High-level analytical approach to sophisticated technical and business problem.

Everyone's welcome

We are ambitious about the future of retail. We're disrupting, innovating and leading the industry into a more conscientious, inspiring digital era. We're transforming how we work together and offering our most exciting opportunities yet. Marks & Spencer strives to be an inclusive organisation, trusted and admired by our colleagues, customers and suppliers. Join us and make change happen.

We are committed to building diverse and representative teams, where everyone can bring their whole selves to work and be at their best. We support each other and work together to win together.

If you feel you'd benefit from any support or reasonable adjustments during any stage of the recruitment process, please don't hesitate to let us know when completing your application. This information will be picked up by our team, so we can try and put steps in place to help you be at your best through this process.

#hybridrole

#LI-Hybrid