Aegon Asset Management
,
Witham, Essex
IT Risk & Control Analyst
Overview
Job Description
Summary Job Description Job Title: IT Risk & Control Analyst (3P7) Department: DS IT Line Manager: Head of IT Risk & Control Senior Manager: N/A Direct Reports: None Location: Edinburgh or Witham Summary of Department: The IT Risk & Control function sits within the Digital Solutions IT department and its purpose is to support the ongoing management of IT Risks alongside enhancing the existing control environment. The team provides oversight, challenge, review and support for the various functions across IT ensuring adherence to Aegons Risk Management framework and policies. Summary of Role: As an IT Risk & Control Analyst you will work to embed first line risk & control responsibilities and accountability across IT, ensuring adherence to all Risk and Control frameworks and policies. This includes the IT SOX programme, Risk Incident management, Breach management and the Risk Assessment process. The role will also be required to execute various control activities in a timely manner and in-line with agreed schedules. External Relationships: External auditors 3rd Party Suppliers Internal Relationships: IT Heads of Functions Risk Internal Audit DS Control Assurance Key Tasks: * Supporting the IT teams to ensure risks and controls are recorded and managed appropriately. * Tracking and progressing all IT risk related actions; including Risk assessments, Internal Audit, External Audit, Business Continuity and SOx actions. Working with action owners across IT to ensure agreed targets are met and the Aegon Risk Management system (ARMS) is maintained. * Production of Key Risk Indicators. * Developing and delivering effective risk reporting and management information. * Completing trend analysis, identifying root cause and areas for improvement. * Providing subject matter expertise around risk and control frameworks, being the first point of contact for all risk and control queries from DS IT. * Coordination of the half yearly Risk Assessment process and providing support to RCSA owners. * Facilitating and leading meetings with the CIO and Senior IT managers to carrying out risk assessments. * Identifying training requirements across the wider IT community and delivering Risk training. * Overseeing IT Risk Incidents ensuring that first line responsibilities are being met and collating information required for reporting. * Facilitating the Policy Attestation process. * Maintain a view of key dates for risk reporting providing awareness to key stakeholders so that dates are met. * Complete control testing activities to ensure active controls remain appropriate and robust * Execute controls in-line with agreed schedules Key Skills: * Strong interpersonal, communication and presentation skills * Strong data analysis * Problem solving skills * Building effective relationships with key stakeholders * Challenging and influencing others * Strong planning and organising * Ability to act independently Knowledge: * Knowledge of Aegons Risk Management System (ARMS) - Desirable * Knowledge of the Aegon risk policies and frameworks - Desirable * Proficient in using Microsoft Office suite including Excel and PowerPoint * Knowledge of the SOX programme - Desirable Experience: * Prior experience in risk identification * Prior experience of establishing and embedding robust and effective controls * Previous experience of controls testing * Previous experience in developing good working relationships with stakeholders of various levels * Experience in the production and presentation of management information Qualifications: * No specific qualifications required Additional Job Description Equal Opportunity Employer: We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age