GRC Systems Analyst
Remote with ad hoc travel
Reporting to the ITGC Manager on the Finance Transformation Programme, the GRC Systems Analyst has primary responsibility for ensuring the successful implementation, support and ongoing maintenance of our GRC Controls Tool software into BAU. The role will support the Controls Team in deploying a tool that meets assurance requirements and empowers our stakeholders in Finance and IT to effectively manage key controls relevant to financial reporting.
The GRC Systems Analyst will work alongside other members of the Finance Transformation programme and key users in Finance/IT to ensure that we build and configure a GRC tool that implements our control framework. This will provide the mechanism for ongoing monitoring/reporting of the Financial control environment and readiness for future compliance requirements.
The GRC tool is the central repository of several workflows & processes, including risks, controls, issue management, testing & monitoring, and regulatory change management. As an administrator of this system, the GRC Systems Analyst's responsibilities will include (but are not limited to) user access provisioning, managing data flows/uploads, reporting, overseeing training & user support and addressing/resolving technical issues with the vendor.
This role will require significant engagement with stakeholders across Finance and IT at Group and Business Unit level and there may be occasional travel expected to some of our key locations.
· Supports the ITGC Manager with the implementation & maintenance of our GRC tooling capability across the Group.
· Acts as the first level key point of contact for BAU user support issues on the platform and user access provisioning activities
· Drives product development of the GRC tooling capability to meet requirements of our Finance Transformation programme and stakeholders in Finance and IT
Experience & Skills:
· Credible & proven ability to lead, mobilise and partner with senior stakeholders within a fast-paced business
· Has a clear passion for GRC and proven experience of implementing similar toolsets in previous roles
· Well versed in risk management and controls, with a sound understanding of regulatory compliance frameworks such as GDPR, ISO27001, PCI DSS, CIS 20, NIST CSF, Cyber Essentials, COBIT, ISF etc. (preferred but not essential)
· Can demonstrate the communication of complex technical matters to both tech/non-tech audiences
· Subject matter expert in GRC tooling & can drive process improvements to mature the capabilities of the function
· Can easily navigate internal/external audit & assurance engagements, along with supporting controls testing & evidencing requirements
· Knows how to prioritise workload demand and can engage all relevant stakeholders that need to know what is expected of them
· Able to identify key issues and communicate them to stakeholders, leveraging colleagues as needed to find solutions
· Understands the people & cultural aspects to risk management & controls and has a proven track record in providing training and awareness in this subject matter
· Data driven, analytical, assertive and results orientated
ersg are an equal opportunities employer; we are committed to promoting equality of opportunity for all job applicants. We do not discriminate against applicants on the basis of age, sex, race, disability, pregnancy, marital status, sexual orientation, gender reassignment or religious background; all decisions are based on merit.