This vacancy has now expired, and is not accepting any new applications.

Please search for live opportunities or use the Register Interest facility to sign up for job alerts and/or leave your CV speculatively.

  • Department / Function IT
  • Location Cardiff City Centre
  • Number of roles available 1
  • Salary Competitive salary plus benefits and bonus
  • Closing Date 17/01/2020

The IT Governance, Risk and Compliance office is a new function created within the Security team of the business. The team was created to improve IT governance within the business and align IT capability with the business objectives and strategy.

As the IT Governance, Risk and Compliance Officer you will be monitoring and documenting compliance with all IT policies and standards as implemented within the department, which will involve reporting on compliance to the relevant Committees.

You will be working closely with the IT Governance, Risk and Compliance Manager to establish and conduct oversight of business approach to the use of information technology.

What you will be doing

  • Maintaining IT governance documentation in accordance with the IT Governance Framework
  • Ensuring that IT colleagues are provided with the correct IT policies, standards and practices for conformance with the IT Governance Framework and mandatory legislation and regulations in place, as defined by Group compliance
  • Working with your wider IT team to improve documented policies, processes and procedures and to implement and embed good practice
  • Assessing that the IT supply chain conform to IT governance, risk and compliance standards
  • Exhibit broad knowledge of governance, compliance and auditing frameworks and apply that knowledge in reviewing the quality of existing and new documentation
  • Recognise and identify potential areas where existing policies, standards and procedures require change
  • Documenting the IT Risk position and maintaining IT risk registers
  • Supporting your IT team with risk identification, assessment and evaluation processes and best practices
  • Maintaining control testing plans, documenting IT risk events and conducting internal assessment of IT policies, standards and process compliance
  • Supporting internal and external audits and auditors and maintain documented lists of audit finding and actions
  • Manage relationships and interactions with all Group and external auditors, compliance and risk management bodies
  • Produce IT Governance, Risk or Compliance reports from departmental data
  • Where required, attending and taking minutes from IT Governance, Risk or Compliance forums or committee meetings

What we are looking for

  • A motivated and passionate person who has experience in governance roles with policy, having a sound knowledge of polices, standards, risk and compliance
  • Someone who has a great eye for detail and is able to design policies, processes and procedures, regularly reviewing and implementing these across the business
  • An understanding in all aspects of corporate governance
  • Awareness of industry wide good security practice and operation of IT systems, policies, standards and regulations
  • Someone who has an open and trusting approach to building those lasting relationships across the business and is able to influence others
  • Someone who is resilient and organised, capable of adapting to change to help drive the requirements forward

Life in the Team

You will be working closely with all areas of IT and work to better plan, communicate, measure and report on IT performance, risk and compliance. As a new team, you will have the opportunity to drive forward and bring innovation to the team, taking ownership and leading the governance office.

What the process looks like

If successful at the application stage, you will be invited to complete a telephone call with the IT Governance, Risk and Compliance Manager. If this goes well we will then invite you in to complete a face to face interview which will include competency based interview questions and some technical questions.  

This isn’t just an opportunity for us to find out about you, it’s also an opportunity for you to find out about us. So please bring along some questions we will be more than happy to answer them. If this goes well we will be asking you to join the team!

We welcome applications from all suitably qualified candidates as we know that Diversity & Inclusion is integral to the success of the company and we are striving to build a company where everyone feels welcome and valued and where differences are embraced.

Please be aware that we reserve the right to close this vacancy early should sufficient applications be received.

Please be aware that you will be required to provide proof of right to work in the UK should you be successful in joining us.

We do not accept speculative agency CVs. Any CV received will be treated as a gift and not eligible for an agency fee. PSL agencies should only send CVs if authorised to do so by the Recruitment team.