IT Governance, Risk & Compliance Advisor

Wescot

Salary Not Specified

Wescot, West Carr, City of Kingston upon Hull

  • Full time
  • Permanent
  • Onsite working

Posted 2 weeks ago, 2 May

Closing date: Not specified

Job Ref: 30c5b23d90264c67b81940b2287a0c81

Full Job Description

As our new GISS - IT GRC Champion you will be responsible for acting as a Governance, Risk, Controls and Technical SME for IT Operations, contributing to, and assisting with, continuous improvement of IT Operations policies, practices, and procedures across the Cabot group in UK and Europe.

Providing advice and guidance to the IT Operations function on regulatory and other risk frameworks (e.g. ISO27001 / ITIL / Sarbanes-Oxley / NIST / PCI). Assisting in the development and optimization of control management processes to ensure IT Operations operates and can evidence effective controls which address risks, local legislative or regulatory requirements, company policies, and best practice.

  • Work with process owners to review and update IT Operations Policies and Procedures to ensure that the controls are designed effectively to address the relevant risks, that documentation is up to date, and that controls are operating as documented

  • Be the key point of contact and provide coordination for internal and external audits requiring IT Operations support (i.e. Sarbanes-Oxley, Financial Statement audits, ISO27001, ITIL, NIST, PCI and Client audits), ensuring the appropriate IT Operations staff are engaged and that responses are adequate and provided on a timely basis

  • Support internal staff where they have GRC-related questions including knowledge sharing sessions and 1x1 support

  • Embed and continue to improve controls around IT Operations systems and processes, providing subject matter expertise and suggestions for corrective actions and improvements to drive increased efficiency while mitigating internal control business risks

  • Provide support for internal and third-party BCP requirements.

  • Provide hands-on support for IT control evidence gathering and have the technical knowledge to support any queries from auditors

  • Provide tracking and reporting on IT Operations' audit findings and mitigation efforts, ensuring gaps are understood and that appropriate action plans are determined and tracked to completion

  • Ensure effective management of IT Operations' risks, recommending mitigations, and tracking and reporting on remediations required to bring residual risks in line with targets

  • Work with the Encore IT Risk and Control team to help build a repository of 'Standard Answers' to audit questions relating to IT Operations and presentation material that can be shared with external audit teams and Clients on the IT Operations environment and controls

  • Work effectively with, and build strong working relationships with, Internal Audit, Enterprise Risk & Compliance, IT Operations, the Encore IT Risk and Control team, and colleagues in related functions (e.g. Finance for Sarbanes-Oxley work)

  • Support IT Operations on patch/vulnerability management

  • Follow any reasonable instructions as directed by management

    Looking for your next IT GRC Role? Do you have the resilience and drive to excel in a problem-solving environment? Are you confident working under your own initiative? If you've answered yes, then you could be the right person to join our friendly GISS team in our Hull or Kings Hill Office!

  • Proven track record of delivery in an IT Governance or Risk and Controls role

  • In-depth knowledge of IT and regulatory frameworks standards: e.g. ISO27001 / ITIL / Sarbanes-Oxley / NIST / PCI SQL Server (2016 - 2022)

  • Ability to multitask; used to working under pressure and owning problems through to resolution; ability to meet strict deadlines

  • Strong customer focus with the drive and commitment to improve the level of service clients receive (internal/external)

  • Excellent relationship building skills

  • Ability to effectively communicate to IT staff as well as senior stakeholders/risk committees

  • Strong drive for results to ensure audit actions and recommendations are actioned in a timely manner

  • CISM / CISA certification is advantageous

  • Degree Educated

    Diversity and inclusion are very important to us at Cabot, and we value a multitude of diverse talent within our business. We want everyone to be themselves at work and encourage a culture that includes everyone. Our policies ensure that every candidate and employee is treated fairly and with equal opportunities.

  • At Cabot we are highly regulated by our clients; as such, any successful candidates will have to undergo a basic credit check and criminal background check. Please note that we are unable to proceed to interview stage if a CCJ, IVA or Bankruptcy appears on a credit file, or if you do not have full right to work in the UK

    What you can expect as a GISS - IT GRC Champion:

  • Permanent full-time contract

  • Competitive salary

  • 37.5 hours per week

  • Monday to Friday

  • Loads of great benefits, including discount and cash back on hundreds of high-street shops and private health insurance, plus much more.