Role: IT Risk Consultant
Functions: Risk and Compliance
Start: Immediate
Pay rate: £600 to £650 per day (PAYE - Inside IR35)
Location: Central London - Hybrid working
Expected duration: 3 months
Our client is a global technology business. They are looking for a skilled IT Risk Consultant to support their Risk and Compliance function. The person will be responsible for overseeing the implementation of a number of Operational Resilience processes to ensure compliance against various internal polices and regulatory requirements. The role will work very closely with other global upstream and downstream business functions/teams during the design, implementation, and execution phases of the various programmes.
Key job responsibilities:
- Perform a business impact assessment (BIA's) for key business and support functions.
- Leverage the output of the above BIA to identify and map data flow diagrams for each product, including identification of all upstream and downstream API level dependencies (including third party).
- Perform a product-based resiliency risk assessment to identify any potential vulnerabilities and to recommend effective mitigations.
- For each critical application (including API's) identified within the BIA, support completion of IT Disaster Recovery testing procedures.
- For external third parties, develop and implement appropriate ITDR testing mechanisms to ensure compliance with DORA regulations.
- Support the Resiliency Strategy in compliance with DORA regulations.
Requirements
- Bachelor's Degree (3 Year Degree).
- Expert knowledge of DORA/Operational Resiliency regulations and must be a proven IT resiliency practitioner.
- A minimum of 10 years' experience in technology risk, technology audit or related field, within a financial institution, licensed money transmitter, or payments related e-commerce function.
- Expertise in BCM for cloud native institutions.
- Preferably certified in AWS Certified Solutions Architect - Associate.
- At a minimum, BCM certified under ISO 22301 or qualified BCM institute member with good understanding of IT risk and control frameworks, such as, CISA,COBIT, NIST, ISO 27001 or equivalent.