Head of IT Risk, Data and Audit

Audit Risk and Compliance

Job Number: 17601

Location: Acton Support Centre (123)

Contract: Full Time / Permanent

Description

An exciting new position has opened up in Dixons Carphone for a Head of IT Risk, Data and Audit. Whilst being accountable for the IT Risk, Data and Audit agenda, you will provide IT Risk and Compliance leadership across the UK & Ireland organization. You will influence at board level to ensure funding and plans are in place to bridge any gaps, with a strong emphasis on the ability to identify and rectify priority issues.

You will advise the IT leadership team on risks and issues with both the current estate and new systems and implementations, ensuring we deliver systems that include the right governance and control points. You will be the go-to person on all matters of compliance and governance, with the strength of character to drive this through.

 

Responsibilities

  • Provide leadership and line management for the expert team.
  • Provide Risk and Compliance consulting expertise, direction and assistance to Senior Management.
  • Provide challenge on key areas of IT risk identified through investigative analysis and drive them through to resolution with agreed plans and approaches.
  • Ensure existing IT Risk, Compliance and Audit actions and issues are driven through to completion.
  • Implement IT Risk and Compliance strategies that align with the overall IT and business strategy.
  • Ensure new and existing IT projects, designs and procurement/outsourcing plans comply with applicable standards and industry best practice.
  • Conduct research on emerging risks and compliance requirements in support of Group Risk and Internal Audit and deliver effective and appropriate remediation.
  • Create business cases for Risk and Compliance strategies and roadmaps.
  • Act as liaison for internal management, external auditors and business partners.
  • Review and monitor the effective execution of the IT controls framework, including quality assurance mechanisms, governance committees, meetings and forums, calling out and dealing with any deficiencies.
  • Work with our suppliers and internal teams to enforce and provide leadership on appropriate frameworks and solutions to move us towards a ‘few surprises’ environment.
  • A good grasp of GDPR and how to ensure we do the right thing with our data, working closely with the Data Governance group to adopt best practice.
  • Accountable for ensuring our suppliers deliver the appropriate control frameworks, with a good understanding of contractual commitments and performance.

 

Required Skills & Experience

  • Strategic thinking, strong technical capabilities and complex engagement delivery.
  • Extensive experience with developing strategic plans.
  • Hands-on experience with business requirements gathering/analysis.
  • Proven experience in IT risk management, compliance, policy design and development.
  • Strong knowledge of Internal Audit evaluation principles and practice.
  • Excellent knowledge of Governance, Risk and Compliance management toolsets.
  • Proven project planning and management experience.
  • Extensive experience with managing teams of internal and external resources.
  • Exceptional analytical, conceptual and problem-solving abilities.
  • Ability to evaluate business processes and IT technology, assess risks and evaluate controls.
  • Familiar with security controls assessment technologies, for example Data Loss Prevention.
  • Experience or understanding in one or more of the following: Risk-based information assurance, internal audit scoping and planning for security configuration and controls assessments / Business impact analysis / Threat and vulnerability analysis.