CrawlJobs Logo

Technology Risk Analyst

United Kingdom, Birmingham Employment contract · Job Posted May 19, 2026
Apply Position
Job Link Share

Job Description

The role will effectively support management and oversight of compliance across the IT and Data portfolio, ensuring robust risk, control management and assurance, internal and external audits, regulatory actions and workstreams. The role will play a part in developing and producing comprehensive monthly, quarterly, and ad-hoc risk and controls review and reporting, providing assurance to senior management and keeping them informed.

Job Responsibility

  • Support oversight risk identification, assessments, acceptances, and mitigation strategies within technology functions, ensuring appropriate controls are in place
  • Support management of all risks, controls and incidents activities that fall under the IT and Data remit, liaising and ensuring alignment and collaboration with Group Risk management in maintaining and communicating up to date risk information
  • Partner with relevant teams and SME's to co-manage the existing controls to include alignment on priorities and performance expectations
  • Support controls annual assessment and improvement plan for controls
  • Support management of all IT and Data actions related to risk, assurance, controls
  • Support the enhancement and management of the IT risk management process and IT/Data risk registers, and where applicable, alignment with functional and group risk management frameworks
  • Support and monitor KPIs and KRIs for technology controls and risk exposure, supporting reporting for governance forums and senior management
  • Where risks fall outside of appetite/tolerance, work with relevant stakeholders in developing and tracking a mitigation plan within reasonable timelines
  • Support the identification of issues, issue management and remediation and provide reporting on risk/controls/KRIs to the relevant stakeholders
  • Challenging business on risk and control matters (e.g., incidents, issues, and actions) and the overall management of control environment
  • Support mapping policies, standards and controls to regulatory requirements and industry frameworks (DORA, CBI, CIS, ISO, NIST)
  • Support management of internal and external audit processes, ensuring timely and accurate responses to audit requests, and driving remediation of findings with timely closures of related actions
  • Provide guidance and support to stakeholders regarding compliance and governance requirements
  • Support maintenance of an IT compliance register, mapped with applicable regulatory requirements and associated controls
  • Monitor changes in relevant laws and regulations and advising on impact and remediation, in conjunction with Compliance
  • Ensure policies, standards and guidance are updated following any review activities
  • Support the governance and communication of these updates to relevant stakeholders and committee/boards
  • In collaboration with Compliance, support relevant teams in fulfilling regulatory deliverables and provide input on any required communication to a regulator (eg. CBI)
  • Develop and carry out an annual assurance programme for controls and policies under the IT and Data functions

Requirements

  • Extensive experience in governance roles, such as risk and controls, audit or compliance
  • Extensive experience in technology roles with excellent analytical and problem-solving abilities
  • Strong stakeholder engagement skills across all organisational levels
  • Extensive experience in technology compliance, risk management, controls, and governance within a regulated environment
  • Experience within a financial industry desired
  • BA/BS degree, and/or relevant industry experience
  • Experience in Technology governance, risk, and compliance
  • Strong stakeholder management at all levels
  • Providing guidance on Technology governance, risk, and compliance matters
  • Ability to identify and evaluate Technology risks and controls and provide practical and effective recommendations
  • Ability to communicate complex Technology risk and compliance issues to non-technical audiences
  • Experience in writing effective committee papers desired
  • Passionate about compliance, risk management, audit principles and practices and continuous improvement
  • Proven experience in operating in an IT GRC environment and in particular, leading the designing of IT risk frameworks, controls and policies
  • Excellent stakeholder management, communication and influencing skills, with the ability to build strong relationships and partnerships across the organisation
  • Strong knowledge and understanding of Technology risk management frameworks, methodologies and tools, such as COBIT, ISO 27001, NIST, etc.
  • Strong knowledge of Technology governance, compliance and regulatory requirements, such as GDPR, PCI-DSS, Solvency II, etc.
  • Analytical approach with ability to work systematically and unsupervised, to tight deadlines and with multiple competing priorities
  • Demonstrable ability to communicate with project teams and advise on operational implications of business requirements and change delivery risks
  • A self-starter and independent learner who takes the initiative to challenge the status quo and is creative and comfortable with 'blank sheet of paper' assignments
  • Strong written and oral communication skills. Influencing and excellent report-writing experience with a high standard of English is a pre-requisite

Nice to have

  • Experience within a financial industry desired
  • Experience in writing effective committee papers desired

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Technology Risk Analyst

8 matching positions

Senior Technology Risk Analyst

The role will effectively manage and oversee compliance across the IT and Data p...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
socialvalueportal.com Logo
Social Value Portal Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in governance roles, such as risk and controls, audit or compliance
  • Extensive experience in technology roles with excellent analytical and problem-solving abilities
  • Strong stakeholder engagement skills across all organisational levels
  • Extensive experience (10+ years) in technology compliance, risk management, controls, and governance within a regulated environment
  • Experience within a financial industry desired
  • BA/BS degree, and/or relevant industry experience
  • Experience in Technology governance, risk, and compliance
  • Strong stakeholder management at all levels
  • Providing guidance on Technology governance, risk, and compliance matters
  • Ability to identify and evaluate Technology risks and controls and provide practical and effective recommendations
Job Responsibility
Job Responsibility
  • Manage all first line risk and controls activities within the IT and Data functions to maintain consistency, support a strong risk culture, and ensure alignment with organisational risk framework & appetite and governance expectations
  • Oversee risk identification, assessments, acceptances, and mitigation strategies within technology functions, ensuring appropriate controls are in place
  • Effective management of all risks, controls and incidents activities that fall under the IT and Data remit, liaising and ensuring alignment and collaboration with Group Risk management in maintaining and communicating up to date risk information
  • Partner with relevant teams and SME's to co-manage the existing controls to include alignment on priorities and performance expectations
  • Manage controls annual assessment and improvement plan for controls
  • Manage all IT and Data actions related to risk, assurance, controls
  • Enhance and manage the IT risk management process and IT/Data risk registers, and where applicable, alignment with functional and group risk management frameworks
  • Develop, implement, and monitor KPIs and KRIs for technology controls and risk exposure, supporting reporting for governance forums and senior management
  • Where risks fall outside of appetite/tolerance, work with relevant stakeholders in developing and tracking a mitigation plan within reasonable timelines
  • Support the identification of issues, issue management and remediation and provide reporting on risk/controls/KRIs to the relevant stakeholders
  • Fulltime
Read More
Arrow Right

Senior Technology Risk Analyst

The Commercial & New Payment Flows Technology Risk team is seeking a Technology ...
Location
Location
Ireland , Dublin 18
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
October 10, 2026
Flip Icon
Requirements
Requirements
  • Experience: Ideal experience working within digital and technology functions, preferably in a compliance role
  • Reasonable understanding of security and quality management frameworks such as ISO 27001/27002, ISO 9001, ISO 27701, and PCI
  • Bachelor’s degree or equivalent combination of education and experience, or a Bachelor’s degree in computer science, information technology, or a related field is preferred
  • One or more professional certifications like CISA or CISSP (desirable)
  • Professional certifications ISO 27001, ISO 9001 Lead Auditor, and Implementer
  • Reasonable understanding of information security domains and possesses a well-rounded technical background
  • Basic knowledge of infrastructure and application security would be desirable
  • Experience working on GRC tools like Archer would be a significant advantage
  • Excellent communication and problem-solving skills and able to collaborate across global team
  • Demonstrated experience in managing complex projects related to information security
Job Responsibility
Job Responsibility
  • Provide consultancy and central coordination for security and compliance activities, encompassing the implementation of ISO 27001, ISO 9001, and ISO 27701, as well as PCI standards within the organisation
  • Identify potential security risks and issues through control assessments and ensure their resolution within specified timelines
  • Establish and monitor remediation efforts both internally and externally until resolution, while simultaneously enhancing the design and operational efficiency of controls
  • Document the outcomes of assessments and prepare assessment reports for key stakeholders
  • Prepare compliance status reports and dashboards for key initiatives, plans, and audit tracking of current processes in accordance with management requirements
  • Data Aggregation & reporting for various risk & compliance activities in support of the larger risk management practices
  • Fulltime
Read More
Arrow Right

Senior Technology Risk Analyst

The AI DPE Risk Management team is looking for a Senior Technology Risk Analyst ...
Location
Location
United States of America , O Fallon
Salary
Salary:
88000.00 - 141000.00 USD / Year
mastercard.com Logo
Mastercard
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience with audit and regulatory frameworks such as PCI, SOX, SOC 2, GDPR, and ISO 27000/27001, including participation in both internal and external audits
  • Holds at least one relevant professional certification, such as CIA, CISA, CISM, CFE, or a similar credential
  • Ability to translate control and compliance requirements into clear, actionable guidance and documentation for engineering and product teams
  • Experience designing, implementing, and maturing controls while partnering with first-line teams to achieve compliance, ensure consistent control application, and address key risks and issues
  • Strong communication skills with the ability to collaborate effectively across Data Science, Engineering, Product, and regulatory stakeholders
  • Proven ability to manage multiple priorities and projects simultaneously, maintaining momentum and delivering results in a fast-paced environment
Job Responsibility
Job Responsibility
  • Partner with engineering, product, and architecture teams to provide control, compliance, and regulatory guidance while identifying control gaps and driving remediation efforts to reduce risk
  • Support the design, implementation, and continuous improvement of preventive and detective controls within the first-line environment to strengthen the organization's overall risk posture
  • Facilitate risk assessments, control gap analyses, and scope/impact reviews to ensure new features, product updates, and initiatives align with internal standards, regulatory requirements, and industry best practices
  • Collaborate with risk, compliance, and governance teams to track and maintain regulatory controls, while working with delivery teams to address issues and lower the severity of identified risks through effective remediation and compensating controls
  • Serve as a subject matter expert during internal and external audits, supporting evidence collection, documentation, and remediation planning while helping teams prepare for successful audit outcomes
  • Bring a proactive, curious mindset with a strong willingness to learn, enabling effective navigation of complex technical ecosystems and continuous improvement of control readiness
What we offer
What we offer
  • insurance (including medical, prescription drug, dental, vision, disability, life insurance)
  • flexible spending account and health savings account
  • paid leaves (including 16 weeks of new parent leave and up to 20 days of bereavement leave)
  • 80 hours of Paid Sick and Safe Time
  • 25 days of vacation time and 5 personal days
  • 10 annual paid U.S. observed holidays
  • 401k with a best-in-class company match
  • deferred compensation for eligible roles
  • fitness reimbursement or on-site fitness facilities
  • eligibility for tuition reimbursement
  • Fulltime
Read More
Arrow Right
New

Technology Risk and Control Analyst

Location
Location
United Kingdom , London
Salary
Salary:
Not provided
legalandgeneral.com Logo
LegalAndGeneral
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree-level education or equivalent relevant professional experience is desirable
  • Professional certifications in technology risk or information security (e.g., CRISC, CISA, CISSP) are advantageous but not essential
  • Strong understanding of technology risk management and control practices
  • Familiarity with recognised technology and security control frameworks (e.g., ISO 27001, COBIT, NIST) is beneficial
  • Experience using data analysis and analytics to produce meaningful insights and reporting
  • Practical experience in risk management across first, second, or third line of defence functions
  • Solid understanding of IT information risk principles, including confidentiality, integrity, availability, and authenticity
  • Demonstrated ability to take ownership of deliverables, collaborate effectively, and influence stakeholders through strong communication and presentation skills
Job Responsibility
Job Responsibility
  • Supporting the Retail 2LoD IT & IS Risk team in embedding technology policies, standards, and controls consistently across the Group, ensuring effective risk mitigation through accurate, timely metrics and reporting
  • Delivering data-driven deep dives and targeted assurance reviews to assess the design and effectiveness of key technology controls, in collaboration with 1LoD and 1.5LoD teams
  • Providing subject matter expertise on technology risk governance, framework application, and policy interpretation, while promoting a strong culture of security and risk awareness
  • Analysing risk and control data from systems such as OneSumX, ServiceNow, and Prevalent to generate actionable insights and monitor risk exposure against defined tolerances
  • Supporting assurance activities for high-risk technology change programmes, ensuring key risks are identified, understood, and effectively managed throughout delivery
  • Assessing technology-related risk events and control weaknesses, identifying root causes and evaluating remediation actions to drive continuous improvement
  • Producing high-quality risk reporting by collating and synthesising IT and Information Security data for governance forums and committees
  • Collaborating with 1LoD and 1.5LoD stakeholders to gather, validate, and refine inputs, ensuring accurate and impactful risk reporting and informed decision-making
What we offer
What we offer
  • The opportunity to participate in our annual, performance -related bonus plan and valuable share schemes
  • Generous pension contribution
  • Life assurance
  • Healthcare Plan (permanent employees only)
  • At least 25 days holiday, plus public holidays, 26 days after 2 years’ service. There’s also the option to buy and sell holiday
  • Competitive family leave
  • Participate in our electric car scheme, which offers employees the option to hire a brand-new electric car through tax efficient salary sacrifice (permanent employees only)
  • There are many discounts we offer – both for our own products and at a range of high street stores and online
  • Fulltime
Read More
Arrow Right

Securities Lending Technology Business Analyst (Equity Finance Technology) - VP

The Equity Finance Technology team are seeking an experienced Business Analyst t...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive BA experience
  • Proven Investment banking experience with particular knowledge of Securities Lending and Funding
  • JIRA and Confluence skills are a must
  • Proven ability to work in high pressure environment
  • Flexibility to work with a global team, across geographies and time zones
  • Strong problem-solving skills and ability to think strategically
  • Familiarity with agile methodologies
  • Excellent interpersonal and communication skills with the ability to manage stakeholder expectations
  • Demonstrated experience with ppt and visual representations
Job Responsibility
Job Responsibility
  • Partner with program/project teams and functional groups to drive execution of requirements, training, and ensuring compliance with Citi standards
  • Provide in-depth and sophisticated analysis with interpretive thinking to define problems, develop innovative solutions and influence strategic functional decisions
  • Provide input during development and implementation phases, including formulation and definition of systems scope, objectives, and necessary system enhancements for complex, high-impact projects
  • Identify and communicate risks and impacts and propose risk mitigation options
  • Consult with business clients to determine system functional specifications and partner with multiple management teams and other units to meet organizational objectives
  • Evaluate new IT developments and evolving business requirements and recommend appropriate systems alternatives and/or enhancements to current systems
  • Guarantee compliance with the PM standard procedures and with all applicable tools used for program and project management
  • Develop, refine, and ensure re-baselined detailed milestone plans are available for all important deliverables and that interdependencies are understood and addressed
  • Execute against multiple contending priorities simultaneously, performing the required combination of business analysis, project management, systems analysis, and stakeholder management tasks
  • Appropriately assess risk when business decisions are made
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • A discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right

Securities Lending Technology Business Analyst (Equity Finance Technology) – Vice President

Citi is a world-leading global bank. We have approximately 200 million customer ...
Location
Location
Hong Kong SAR , Hong Kong
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong expertise in Prime Brokerage and Securities Lending
  • Experience collaborating with industry bodies, including active participation with market utility functions and Central Clearing for Securities Lending
  • Proven ability to model intricate business rules and evaluate their impact on outcomes, for example, trade pricing
  • Proficiency in using JIRA and Confluence for workflow management, collaboration, and documentation
  • Ability to perform effectively and maintain composure in high-pressure, fast-paced environments
  • Flexibility to work seamlessly with a geographically dispersed global team across multiple time zones
  • Exceptional problem-solving skills and the capacity for strategic thinking to address complex challenges
  • Practical experience working within an Agile delivery framework
  • Excellent interpersonal and communication skills, with a proven track record of effectively managing senior stakeholder expectations
Job Responsibility
Job Responsibility
  • Collaborate with internal teams, as well as various functional groups including Equity Finance, Prime Brokerage, Cross Product, Risk, Finance, MOT Technology, Compliance, and Front-Office to facilitate the implementation of requirements, provide necessary training, and ensure adherence to Citi's established standards
  • Offer in-depth and insightful analysis, employing interpretive thought to pinpoint issues, devise creative resolutions, and guide strategic functional choices
  • Contribute expertise throughout the development and implementation stages, specifically in defining the scope and objectives of systems, and identifying essential system enhancements for intricate, high-impact projects
  • Identify and communicate risks and impacts and propose risk mitigation options, considering business implications of the application of technology to the current business environment
  • Engage with business stakeholders to ascertain the functional specifications for systems, and collaborate with various management teams and other departments to achieve organizational goals
  • Assess emerging IT advancements and changing business needs, then propose suitable system alternatives or improvements to existing systems
  • Guarantee compliance with the PM standard procedures and with all applicable tools used for program and project management
  • Develop, refine, and ensure re-baselined detailed milestone plans are available for all critical deliverables and that interdependencies are understood and addressed
  • Execute against multiple contending priorities simultaneously, performing the required combination of business analysis, project management, systems analysis, and stakeholder management tasks
  • Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients, and assets
  • Fulltime
Read More
Arrow Right

InfoSec Risk Senior Analyst / Analyst

Location
Location
Salary
Salary:
Not provided
ethicshr.com Logo
Ethics HR
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of experience for the Senior Analyst and 2 years of experience for the Analyst in the banking sector and information security field, including the following background: Risk assessment, identification and mitigation
  • Security controls, security baseline, technology best practices
  • Has an integration knowledge across different security technologies and systems
  • Security control enforcement, measure of effectiveness and proposing compensating controls
  • CBE regulations
Job Responsibility
Job Responsibility
  • Review & maintain the Risk profile according to the bank's Cyber Security Risk appetite
  • Identify information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assess information security risks for IT assets and propose appropriate measures to eliminate/reduce risk
  • Coordinate with Information Security teams to manage the risk assessment activities
  • Engage InfoSec Teams in all new initiatives and projects to handle InfoSec risk assessment for new projects/technologies with concerned stakeholders
  • Follow up on Audit reports along with audit Findings/Recommendations by Internal Audit/External Audit, CBE and ensure remediation with the related parties
  • Ensure maintaining Global InfoSec Risk Register for all assessed IT assets & follow up on open risks until closure
  • Review the cases performed by the InfoSec Governance & Compliance Teams from risk perspective side
  • Participate in the Change Advisory Board (CAB) meeting
  • Work on standard and ad-hoc threats providing InfoSec risk assessment as needed
Read More
Arrow Right

Governance Risk and Compliance Risk Register Analyst

You will design and operationalise the governance layer around an enterprise ris...
Location
Location
United States , Remote
Salary
Salary:
70.00 - 80.00 USD / Hour
signifytechnology.com Logo
Signify Technology
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years designing enterprise risk registers and the frameworks around them
  • 8+ years building risk scoring and prioritisation models — likelihood and impact scales, scoring methodology, prioritisation logic
  • 8+ years designing and running governance processes and workflows
  • 8+ years leading stakeholder engagement and enablement across security, technology, and business
  • Demonstrated track record producing audit-ready documentation and handing over to internal teams
Job Responsibility
Job Responsibility
  • Define the end-to-end governance flow — how risks get raised, reviewed, accepted, mitigated, transferred, and reassessed over time
  • Set the accountability structure — who owns risks, who reviews them, which governance bodies hold which decisions
  • Build the escalation and reporting paths for high-risk and formally accepted items
  • Partner with stakeholders across business, technology, security, and governance functions to validate the framework in practice
  • Run working sessions to walk stakeholders through the register and the governance model
  • Help load the initial set of risks into the register
  • Produce audit-ready documentation covering register structure, scoring methodology, governance workflows, and decision rights
  • Run a structured knowledge transfer to the internal security team so the programme continues after the contract ends
  • Fulltime
Read More
Arrow Right