Free job search

IT Policy, Risk & Compliance Manager

London, England,
Company: Drax Group
Category: Management Occupations
Published 2 weeks ago

Job Details

Our IT functionis using the latest Technology to deliver business benefit to Drax morequickly, improve user experience and drive operational efficiencies. 

We’re nowlooking to recruit an IT Policy, Risk and Compliance Manager to join ourIT Strategy & Governance team.

About theRole

• Leading on the group-wide design,implementation, and ongoing maintenance of a IT control framework for Drax IT. You’lldevelop a Group-wide framework of key technology controls,IT governance policies and processes through coordination with technology teamsand external advisors, ensuring it is appropriate and comprehensive inalignment with our IT strategy and roadmap.

• Providing directionon Group IT Control Framework, Policies and Standards, ensuring they supportcompliance to relevant regulation/requirements.

• Taking responsibility for quarterly IT andSecurity key controls reporting and validation activities with IT and Securitystakeholders for reporting to Audit Committee.

• Leading in designing and agreeing a system of2nd line assurance on IT controls with key stakeholders, considering howtesting will be performed, the evidence required, frequency, risk focus etc.

• Establishing a systematic and disciplinedapproach across IT functions to manage IT Risk Management through quarterlyleadership and monthly risks management meetings. You’ will be leadingInformation Risk deep dive reporting for reporting to IT Board, ExCom, andBoard.

• Liaising with key stakeholders (IT Leadershipand reports, Security, KPMG, Deloitte) on various governance, risk, and auditrelated matters.

• Accountability forIT controls submissions and Principal risk reporting to Audit Committee andBoard on a half yearly and yearly basis in collaboration with IT and SecurityDirector.

• Providing strongcentral oversight to deliver consistency and quality in audit and compliancework (KPMG Internal Audit and Deloitte External Audit) across the function /wider business. You’ll be primary point of contact for IT participation ininternal and external audits.

• Followingup on Internal audit actions and monthly reporting to ExCom and quarterlyreporting updates to KPMG/Internal Audit.

• Taking responsibilityfor the annual update of IT and IS Key Controls Group Assurance Map.

About You

You’ll have astrong experience working in IT internal controls, internal audit, external and/or risk related roles within technology. This will include experience workingin assessment of policies and standards, risk scoring, assessment of the designand operating effectiveness of mitigating controls and recommendingimprovements to control design. You’ll bring knowledge of UK regulatory andcompliance environments (i.e., PCI, SOX) and ability to apply it appropriately.

Strongtechnical and process knowledge within IT is required including security,system development and project management processes. You’ll bring knowledge ofkey technology frameworks CRISC, COBIT, ITIL, ISO27001 is ideal, as well as aprofessional qualification such as CISA, CISM and/ or ITIL.

The rolerequires you to have the ability to communicate clearly and with impact in highpressure situations including the ability to challenge and influence the viewof senior stakeholders respectfully, confidently, and effectively to bring anew perspective.

About Drax

Drax is playing a vital role in helping change the way energy is generated,supplied and used. To learn more about how we’re enabling a zero carbon, lowercost energy future, click here.

We’re at our best when we’re proactive, committed, and reliable – and trustothers to be the same. This role offers hybrid working, allowing you to splityour time between the office and working from home.

You’ll also have the option for flexible hours, so you can make your hours workfor you.

Application Process


To arrange a chat or get a copy of the job description, please email [email protected]

If you’re ready to submit an application, click the ‘Apply now’ button. 

We’re at our best when we share inspiration and insight right across Drax, andsearch for new ideas and ways of working. We welcome applications from everyoneand hire great people to build talented and diverse teams.

Start Your Career at Drax Group

For this job you can start work immediately. Apply now and get the job.
Job offer: IT Policy, Risk & Compliance Manager

Daily Alerts

Create a job alert for Latest Jobs in UK

Subscribe now to receive daily alerts with jobs from all UK sources.