IT Compliance Analyst
CMC Markets
London, UK
Published 2 weeks ago
Compliance Management Systems / Technology
We are looking for an IT Compliance Analyst to support the IT Compliance Manager and assist with the implementation and running of a best practice IT General Control Framework. This will deliver continual improvements in support of Audit and Risk management. As part of the Information Security team, a focus will be on the implementation, running, monitoring and reporting on effective security and other IT controls and processes.
Essential
- Work with the IT Audit & Compliance manager in delivering a Controls Framework
- Produce regular KPI reporting on IT Audit and Compliance activities and the overall programme's status
- Own coordination of the ongoing compliance monitoring, awareness training and testing.
- Coordinate, execute and oversee key controls and processes.
- Track and manage continual improvement activities across IT Audit and Compliance programmes.
- Assist in the definition, documentation and maintenance of security baselines, standards, policy and procedures in conjunction with relevant IT teams;
- Maintain and take ownership of IT Audit Findings log and track actions to completion,
- Provide expert assistance and consultancy to all other IT teams, in line with best practice and to meet business requirements;
- Ensure any ad-hoc audit work required is completed in a timely manner;
- Automate compliance checking of agreed standards, policy and controls;
- Support the IT Production Heads in matters relating to IT & Audit Compliance
Essential
- Knowledge of applicable regulatory policies, standards, procedures and controls (ISO27001/SOC/MAS TRM/BAIT/CIS/NIST/Cyber Essentials etc.)
- Understanding of IT standards, best practices for information and IT security and applicable laws and regulations.
- Previous Experience in a Compliance, Risk Management, Internal Audit or External Audit role
- Experience of working in a Regulated Environment (Financial Services)
- Experience of Security controls, processes and governance desirable (e.g. access recertification)
- Documenting, reviewing and reporting, must have excellent written communication skills and good experience of working with Microsoft Office
- Competence using Excel, and IT tools, basic scripts to process information efficiently (e.g. csv data, comparisons, reporting)
- Confidence to engage with audiences remotely (i.e. via Teams) as well as engaging face-to-face with smaller groups and senior stakeholders
- Enjoys self-learning/teaching and problem-solving with a strong attention to detail
- Some experience in environments where they are required to perform a wide range of types of tasks from week-to-week (e.g. start-up or small organisation experience) - perhaps looking to move into a larger organisation