IT and Security Risk Analyst
Role details
Job location
Tech stack
Job description
Do you have expertise with IT and Security Risk management?
You could be progressing your career at a tech driven, global Asset Manager with multiple billions of dollars under management.
As an IT and Security Risk Analyst you will play a key role in delivering IT risk and security assurance, turning strategic priorities into clear, actionable outcomes. Working closely with the Security Manager, you'll conduct risk assessments, maintain risk registers and ensure alignment with enterprise risk appetite and regulatory expectations.
You'll support governance forums by preparing materials, tracking actions and ensuring risks are clearly documented, owned and followed through. You'll also identify trends and control weaknesses across IT and Information Security, helping to prioritise remediation and strengthen overall risk posture.
In addition, you'll embed risk practices into projects and BAU activity, support control testing and assurance, and help implement data protection controls aligned to regulations such as GDPR. You'll maintain key artefacts including data inventories and processing records, while ensuring policies, frameworks and standards remain up to date.
You'll also contribute to operational resilience by mapping critical services, supporting business continuity and disaster recovery planning and ensuring recovery objectives align with business needs. Alongside this, you'll monitor regulatory developments and help evolve internal frameworks to keep pace with industry standards.
The role offers excellent career progression through a more technical role or as senior analyst.
Requirements
- You have a strong technical understanding across core technology domains including infrastructure, networks, cloud environments and applications, with a working knowledge of information security principles and controls
- You have experience of maintaining an IT and or Information Security Risk Register, including understanding of common security risk categories (e.g. identity, data protection, cyber threats, third-party risk)
- You have experience of running technology risk assessments, supporting control testing and ensuring remediation is complete
- You have a good working knowledge of FCA, DORA and GDPR requirements and how they apply to technology, third-party risk and reporting, with the ability to apply them in day-to-day work with guidance
- You can prepare clear, evidence-based materials for governance forums and communicate risk findings to both technical and business audiences
- You're collaborative and pragmatic with excellent communication skills, able to influence and drive change
- You're degree educated, having achieved a 2.1 or above from a top tier university
Benefits & conditions
- Salary to £80k
- Pension
- Private medical insurance including 24 hour GP access
- Enhanced parental leave policy
- 25 days annual leave
- Ongoing training and development and financial support for courses
