IT Risk Manager

Audit Risk and Compliance

Job Number: 22265

Location: Acton Support Centre (123)

Contract: Full Time / Permanent

Description

IT Risk Manager

The IT Risk Manager's primary purpose is to support the design, development and implementation of best-practice IT risk management processes within the IT Business Function. The Risk Manager will support the implementation of group standards for IT risk management for Dixons Carphone through coordinating and supporting effective IT risk management and acting to provide advice and support to management and staff. 

 

Key Responsibilities:

  • Provide challenge on key areas of IT risk identified through investigative analysis.
  • Develop and document knowledge of existing IT Risks.
  • Develop, document, communicate and enforce IT Risk policies.
  • Review new and existing IT projects, designs and procurement/outsourcing plans for compliance with applicable risk management standards and industry best practice.
  • Review IT operational and business risks, functions and activities in order to determine and recommend nature, scope, direction and thrust of proposed actions.
  • Monitor the effective execution of an IT Risk controls framework including quality assurance mechanisms.
  • Support the IT Business Function’s strategy for IT risk management.
  • Support the operation of a robust, transparent and flexible IT risk framework.
  • Analyse the IT risk implications of key business projects.
  • Support the Implementation of a Dixons Carphone IT Risk Management methodology to provide the tools, common risk language and processes that can be used to identify, assess, mitigate and report IT risks.
  • Provide feedback on the quality and rigour of IT risk identification and management activities to IT management to support continuous improvement.
  • Help facilitate management review and update of the IT risk profile, including; 

    o Evaluating the appropriateness of actions determined by management

    o Identifying additional controls to be implemented for the mitigation of IT risk

    o Monitoring the overall IT risk profile, including accumulations of risk and trends

    o Escalating high priority IT risks to IT management

  • Educating, training and supporting staff to build IT risk awareness within the organization
  • Preparing reports on key IT risk information for the Group Risk and Compliance Committee

 

Skills & Experience:

  • Clear, concise and articulate communication, both written and verbal
  • Develops and manages stakeholder expectations including management relationships.
  • Experience in the design and implementation of integrated IT risk and control frameworks.
  • Knowledge in applying “best practice” risk frameworks.
  • IT control principles (across both business processes and IT general controls).
  • Hands-on experience with business requirements gathering/analysis.
  • Proven experience in IT risk management and compliance.
  • Knowledge of Governance, Risk and Compliance management toolsets.
  • Exceptional analytical, conceptual and problem-solving abilities with keen attention to detail.
  • Ability to evaluate business processes and IT technology, assess risks and evaluate controls.
  • Experience or understanding of risk-based information assurance or Business impact analysis
  • Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in urgent situations.
  • Experience of business case creation.
  • Ability to translate business needs and problems into viable and accepted solutions.