Job Title:
Technology GRC Lead
-----------------------------------
About Our Team:
Our Technology teams are at the heart of what we do, surrounded by industry-leading specialists. You'll bring your ideas to the business, shaping the customer experience as part of a forward-thinking team.
-----------------------------------
About The Role:
The Technology GRC Lead will report directly to the Head of Technology Risk & Compliance and oversee internal analysts and partner teams. This role supports Security & Risk in delivering requirements and obligations, taking a proactive approach to risk and audit activities, including yearly IT general controls testing.
-----------------------------------
Your Responsibilities:
1. Oversee and manage a portfolio of activities for internal analyst teams and third-party partners.
2. Support GRC Managers in developing processes and procedures for committed deliverables.
3. Communicate with assurance providers, such as External Audit (EA) and Internal Audit (IA), ensuring a holistic view of IT control activities and coordinating auditing processes.
4. Plan, coordinate, and test IT General Controls to support management's controls attestations.
5. Contribute to the development of the IT General Controls framework.
6. Coordinate daily risk management processes, triaging risks raised by the technology function.
7. Support discovery and baseline of IT dependencies with the Internal Controls Team.
8. Coordinate meetings to review and drive closure of open audit points and track remediation of controls issues.
9. Review, evaluate, and document internal controls and design effectiveness testing and assessment.
-----------------------------------
What We Offer:
Benefits:
* 27 days' leave, plus bank holidays, with the option to buy additional days.
* Flexible Working, early Friday finish, and subsidised cafeteria.
* Primark Perks – Discounts with local partner businesses near offices.
-----------------------------------
Requirements:
* Proven practical experience in IT control frameworks and best practices.
* Professional experience in highly regulated environments.
* Good understanding of assurance principles and methodologies.
* Brief knowledge of the retail industry.
* Basic knowledge of IT governance frameworks, industry standards, and regulatory requirements.
* Experience in developing and testing controls.
* Experience with COBIT, ISO 27001, NIST, and GDPR is advantageous.
We value diversity and encourage applications from individuals who don't meet all criteria but have skills that can fit within our team.
All offers of employment are subject to background checks, including right to work, reference, and education checks; some roles may also require criminal and financial checks.