The Audit & Risk Recruitment Company are working exclusively with a FTSE 100 conglomerate on a newly created role to help the organisation establish and maintain a best-in-class IT control environment.
The organisation is looking for a natural communicator and leader who can design and implement a strategy to strengthen the internal control environment across all divisions. The role will report directly to the Vice President, Architecture and Cyber Security.
The successful candidate will be a self-starter capable of driving change while building strong working relationships with senior stakeholders across the business, outsourced service providers and Internal and External Audit. The candidate must possess a high degree of business acumen and must have a “real world” perspective to effectively lead interactions and deliver sustainable change.
The newly created role will lead the design and development of processes and controls, utilising best practice frameworks to identify, assess, and manage IT risks within the risk appetite of the organisation whilst ensuring regulatory standards and requirements are adhered to (e.g., ISO 27001, NIST, GDPR).
The role holder will also maintain awareness of emerging IT risks through continuous assessment and training, sharing this knowledge with the wider IT function. It is expected that IT Compliance will grow within the next two years, so the IT Compliance Director will be expected to build a small team in that timeframe.
A successful candidate will be a knowledgeable IT compliance leader with demonstrated understanding of IT Control (frameworks and processes), IT Audit and Technology Risk Management. They will also have a strong understanding of the regulatory environment, including consultations on future regulation and how this may impact internal control requirements.
It is not essential, but it would be beneficial for candidates to have a qualification such as CISM, CISA, or an equivalent security, compliance and audit certification. It would be preferred if the candidate was based in the South East of England, as it will be expected that they will attend meetings in London, Watford and Slough. They will be expected to be onsite in an office 2 days a week (when working conditions are back to normal).