Find your next tech and IT Job or contract Governance, risk and compliance (GRC)

Description Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,500 people across our London, Southampton, Cardiff and Manchester offices. Reporting to the Head of Starling Banking Services as our Risk and Compliance Manager, you will own and manage approach and day to day activity to ensure SBS is complying with all applicable legal and regulatory obligations from a policy and operational point of view. You will lead a small team to ensure SBS financial crime and compliance policy aligns with Bank policy and our operational activities are carried out in a timely manner. This role covers financial crime including transaction monitoring, sanctions screening and fraud monitoring as well as some operational risks and compliance activity. Key Responsibilities Include: Act as the leader of the Risk and Compliance function within SBS, ensuring SBS policy fits in with Bank policy and all operational activities are carried out in a timely and compliant manner. Reporting of relevant compliance and financial crime MI to senior management and stakeholders Setting best practice in relation to transaction monitoring, sanction screening and compliance within the team and ensuring these steps are carried out by the team Representing SBS at relevant internal risk and economic crime committees Working with 2LOD to ensure best practices are being considered within the SBS team Carrying out initial and ongoing onboarding of new SBS clients Acting as a point of escalation for sales and account management colleagues on compliance matters relating to the live and prospective clients Own the RCSA process for SBS in conjunction with senior management

Remediation Manager/Senior Leader - Financial Services 6 Month Contract - Inside IR35 Location: Warwickshire - Hybrid working Shape and lead a high-profile remediation strategy, ensuring fair customer outcomes and regulatory excellence Influence at senior levels, working closely with executives, risk committees, and regulators Hybrid role, with upto 80% from home and the rest from HQ in Warwickshire As our leading financial services client continues to strengthen their approach to customer remediation, they're establishing a dedicated, structured capability to ensure they resolve issues effectively, enhance their control environment, and drive long-term improvements across the business. As Remediation Manager, you'll take ownership of this critical function, shaping the strategy, frameworks, and governance that underpin their remediation approach. You'll work closely with senior stakeholders across Customer Services, Finance, IT, Compliance, and Risk to embed best practices, establish robust reporting mechanisms, and ensure clear oversight of remediation activities at the highest levels, including risk committees and regulatory reporting. This is a role with real influence! Required Knowledge & Experience - Strong background in Remediation & Regulatory Compliance within Financial Services Proven experience as a senior leader with the ability to influence at the highest levels, balancing strategic vision with operational delivery Understand the complexities of managing high-impact issues that affect customers and reputations alike Commercially astute, able to set direction, and bring a forward-thinking approach to embedding long-term solutions that enhance customer outcomes and strengthen business resilience Adept at working with senior stakeholders, you're comfortable presenting at executive level, shaping strategy, and leading with confidence in a high-profile, fast-moving environment Strategic Leadership - Proven ability to set and drive the direction of customer remediation or similar large-scale, customer-focused programmes within financial services Stakeholder Influence - Strong experience working with and influencing senior leaders, risk committees, and regulators, ensuring buy-in and alignment across multiple business areas Remediation Expertise - A deep understanding of remediation principles, regulatory requirements, and best practices, with experience shaping policies, frameworks, and processes to deliver fair customer outcomes If you have proven experience in the above areas, please submit your application to Jackie Dean at TXP for consideration TXP takes great pride in representing socially responsible clients who not only prioritise diversity and inclusion but also actively combat social inequality. Together, we have the power to make a profound impact on fostering a more equitable and inclusive society. By working with us, you become part of a movement dedicated to promoting a diverse and inclusive workforce.

Job Title: Security Risk Lead Salary: £53,300 - £71,300 Location: Cambridge/Hybrid with 2 days a week minimum in the office Contract: Permanent Join our organisation as a Security Risk Lead. Utilise your expertise and drive to safeguard operations in this impactful role. We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge. About the role The Security Risk Lead plays a pivotal role by driving Cambridge University Press & Assessment's security risk management strategy. This position is responsible for identifying, assessing, and mitigating operational, financial, and strategic security risks across the organisation to ensure a resilient and compliant security framework. Overseeing the Security Risk Manager, the Security Risk Lead will work closely with senior stakeholders to develop and embed risk management processes that align with the organisation's priorities. They will also take the lead on key initiatives to reduce the organisation's risk exposure, delivering critical risk insights, reports Lead and improve the security risk management strategy, identifying, analysing, and evaluating risks that may affect the organisation. Implement controls to mitigate risks and ensure effective execution. Manage and support the Security Risk Manager. Prepare and present regular risk reports for senior management. Oversee the analysis and monitoring of risks, ensuring emerging risks are flagged. Ensure compliance with regulatory requirements. Monitor industry trends and best practices. Collaborate with the Head of Security GRC and teams to manage incidents and propose corrective actions. Provide risk management training and develop a risk-aware culture. Support the development of security risk policies and frameworks. Collect data for risk assessments and foster a collaborative risk management approach. Provide risk management input on key projects. Represent the organisation in industry forums.

Our client is looking for Corporate Risk and Assurance lead to come and join their team. Primary/general responsibilities: * Ensuring the appropriate plans, standards and practices for managing corporate risk and conducting corporate assurance and internal audit activities. Corporate Risk Management: * Coordinate a programme of regular assurance reviews with key Corporate and Portfolio stakeholders in accordance with the Integrated Assurance Map Support maintenance of and champion the Policy, Framework and Appetite Statement in accordance with best practice and Departmental policy. * Provision of advice to risk practitioners in using standards and processes through Risk Champion Working Groups. * Support risk management maturity using the Government Internal Audit Agency (GIAA) risk maturity model * Support the maintenance of the risk system/log, with the support of a technical development team * Develop and coordinate a programme of regular risk and issue reviews with key stakeholders * Analysing trends and performance to provide insightful recommendations to senior leaders to improve risk management Corporate Assurance & Compliance * Supporting the maintenance of, and championing, the Agency's Assurance Strategy and Assurance Framework * Maintaining the Integrated Assurance Map * Provision of advice to those involved in assurance on using standards and * Preparing reports highlighting insight from assurance interventions for senior leaders, including the Audit, Risk and Assurance Committee * Contributing the Governance Statement in the Agency's Annual Report and Accounts, summarising the processes, plans and findings of assurance activities * Collating, assessing and challenging information from the relevant leads within the Agency including oversight of the DAASIC process (Director's Annual Assurance Statements of Internal Control) and assurance of achievement of Functional Standards * Coordinating compliance activities across each delivery support function, who are to set internal controls and monitor their effectiveness. * Engage upwards and outwards with stakeholders in DSIT and across government to ensure alignment to assurance and compliance requirements. Internal Audit: * Oversee internal and external audit exercises. * Create a central repository for all audit actions, coordinating their enactment with relevant teams. Primary/general responsibilities: * Ensuring that the client has appropriate plans, standards and practices for managing corporate risk and conducting corporate assurance and internal audit activities. Corporate Risk Management: * Coordinate a programme of regular assurance reviews with key Corporate and Portfolio stakeholders in accordance with the Integrated Assurance Map Support maintenance of and champion the Policy, Framework and Appetite Statement in accordance with best practice and Departmental policy. * Provision of advice to risk practitioners in using standards and processes through Risk Champion Working Groups. * Support the maintenance of the risk system/log, with the support of a technical development team * Develop and coordinate a programme of regular risk and issue reviews with key stakeholders * Analysing trends and performance to provide insightful recommendations to senior leaders to improve risk management Corporate Assurance & Compliance: * Supporting the maintenance of, and championing, the clients Assurance Strategy and Assurance Framework * Maintaining the Integrated Assurance Map * Provision of advice to those involved in assurance on using standards and * Preparing reports highlighting insight from assurance interventions for senior leaders. * Coordinating compliance activities across each delivery support function, who are to set internal controls and monitor their effectiveness. * Engage upwards and outwards with stakeholders in DSIT and across government to ensure alignment to assurance and compliance requirements. Daily rate: £380pd IR35: outside IR35 Duration: March 26 Travel: Hybrid. Travel to London or Oxford once a month Start: ASAP LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds. Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.

The current responsibilities of the role include: To manage, oversee, monitor and report on overall Cyber Security risk including the Defence Board level risk and lead on the creation of appropriate response plans. Drive cyber security transformation across Defence including partnership working with the new Defensive Cyber and EM Force. Provide cyber, information, crypt key security and digital resilience policy direction across Defence and monitor compliance including delivery of specialist assurance services. Define enterprise and solution cyber security architecture and act as the crypt key design authority. Ensure all of defence is cyber security aware and educated and set functional skills standards. Define Defence wide cyber resilience strategy and act as Portfolio owner for the defensive cyber security and crypt key programme portfolio. Provide expert guidance and assurance to Defence equipment programmes to ensure they are secure and resilient by design and assure compliance against Defence policies. Ensure MOD cyber security response is integrated with, and supportive of, other cyber domain activity in Defence and government. Lead implementation of Cyber Resilience strategy. Propose and set relevant cyber security policies and architecture standards. Own the defence end to end cyber risk process and assure the effectiveness of mitigations working across Defence. Create effective interventions when the risk profile exceeds tolerance and escalate. Assure capability programmes against relevant security and resilience standards to ensure mitigating threat and risk and being secure and resilient by design. Set the behavioural and cyber awareness expectations for Defence. Set the professional standards for cyber skills.

GRC Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a GRC Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the GRC Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the GRC Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The GRC Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the GRC Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

Technology Planning and Governance Manager Be responsible for the ongoing development and maintenance of the technology alignment roadmap for Corporate working closely with senior stakeholders, systems owners and 3 parties to deliver innovation. Lead day-to-day support and management of the core business Applications Portfolio lifecycle including but not limited to Finance, Legal, Property, Pensions, Treasury, HR, Business Development, Payroll and our Corporate Intranet ensuring that delivery of change is fit for purpose, of high quality, reliable and secure. Role Responsibilities Drive customer-centricity and stakeholder engagement, work closely with Corp functions to align application roadmaps with the combined Corp IT / SSC annual technology plans and dependencies. Work with senior stakeholders to build, document and map business capability to solution architecture across the Corp. Take ownership and develop a technology roadmap that meets the application requirements of the Corp to support the wider Company businesses. Evaluate the potential impacts of application workloads moving to cloud, notwithstanding the threats and opportunities for Corp functions. Shape, create and present business cases for high level initiatives, seek approval, funding and prioritisation with senior stakeholders. Understand the capital allocation requirement across the Corp functions plus the overall impact of application change on the operational expenditure budget. Align technology roadmaps and annual budget planning, use as the foundation for reporting on the state of the Corp Application portfolio. Provide technical leadership for Corp initiatives engaging across the Company where corporate applications service the wider businesses. Solve complex business problems with process and technology that cut across Corp group such as Identity and Access Management. Document and review IT standards, procedures and policies to ensure compliance with legal and regulatory requirements. Liaise with internal and external audit teams. Develop and adapt innovation tools and processes to drive operational excellence within Corp IT. Establish and maintain a consistent and integrated approach to information security and data protection governance in line with audit requirements. Create alignment on how to utilise governance forums such as User Experience and Architecture to improve services delivered to Corp functions. Manage solution architects, contractors, 3 Parties and business analyst in the future. Experience Required Significant and relevant progressive IT experience Experience of being in a practical solution planning and technical architecture design role is essential e.g. SaaS, Identity and Access Management Good understanding of emerging and innovative technologies, how to shape, deliver and leverage those technologies Experience of architecture business capability mapping, data management governance, technology roadmaps and project delivery lifecycle processes. Experience of ensuring compliance between corporate business application roadmaps and IT roadmaps. Experience of working within an ITIL service management environment with strong knowledge of business systems or applications within a corporate environment. Ability to deal with and manage conflicts whilst building successful business relationships across a range of stakeholder groups both internal and external to the organisation. Proven leadership skills, setting objectives and ensuring delivery of services to target Proven contract management, supplier management, procurement, and vendor selection experience Experience of systems such as Microsoft Office 365, Dynamics 365, SAP Success Factors, Treasury Openlink Findur, CMS, BACs Payment Platforms, Microsoft Power BI, Integration/ETL, Azure Active Directory Single Sign On and other bespoke applications Experience in executing business continuity planning and IT DRP Creating solution and technical application architectures, IT standards and policies Day-to-Day management of the Application Portfolio, its currency, dependencies and risk Technical lead on major system changes and upgrades Responsible for the development and management of Solution Architects, Business Analyst and contract resources Provide support to Corporate functions and wider businesses to enable them to optimise their use of corporate applications Vendor Management and selection (RFIs / RFP support) The Client is based in Central London. Please do send your CV to us in Word format along with your salary and availability.

En tant que MOA / Business Analyst Senior , vous serez en charge de piloter et de faire évoluer des outils liés à la gestion des risques, à la conformité IT et au contrôle interne. Vous interviendrez sur toutes les phases des projets (cadrage, conception, recette, mise en production) et assurerez la coordination entre les équipes métier et techniques dans un environnement international et multiculturel. Vos missions principales incluront : Définir les besoins métiers, rédiger les user stories et les spécifications fonctionnelles. Assurer le cadrage des projets et leur suivi de bout en bout. Échanger avec les équipes de développement et contribuer à la conception des solutions. Organiser et piloter les phases de test (UAT) ainsi que les mises en production. Garantir la conformité des outils aux normes de Risk Management, Compliance & Audit . Contribuer à l’intégration et l’évolution de solutions IRM/GRC (ex. RSA Archer, ServiceNow, Enablon, MetricStream, etc.). Interagir avec des équipes projet et métiers à l’international, dans un contexte complexe et multiculturel. Produire et maintenir la documentation fonctionnelle et réglementaire associée. Ce poste requiert une forte capacité d’analyse, une compréhension des enjeux réglementaires IT, ainsi qu’une solide expérience dans la conduite de projets stratégiques en environnement exigeant.

Security Risk Analyst – 6-month contract – London/Remote – Inside IR35 My Customer is looking for a Security Risk Analyst to join their Governance, Risk & Compliance (GRC) team. You will play a key role in strengthening their risk management processes, working primarily with Archer and other GRC tools to support risk assessment, compliance, and governance activities. In this role, you will be responsible for identifying, assessing, and tracking security risks across assets, systems, and third parties, ensuring compliance with internal standards, policies, and regulatory frameworks. Key Skills from the Security Risk Analyst: Strong background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across technical and non-technical teams. Beneficial certifications: CISSP, CISA, CISM (or equivalent). ISO27001 / ISMS Accredited qualifications would be beneficial Experience working in financial sector would be beneficial Experience in ensuring internal IT system compliance against agreed standards Key Responsibilities of the Security Risk Analyst: Maintain and improve the security risk assessment framework, procedures, and workflows. Manage and update security questionnaires to align with compliance requirements, industry standards, and regulations. Conduct asset-level and third-party/vendor risk assessments. Analyse and document inherent and residual risks, providing clear recommendations. Produce detailed technical reports highlighting findings, control gaps, and proposed remediation plans. Drive remediation Perform periodic and ad-hoc risk assessments in line with organisational policies. The Security Risk Analyst is required onsite in London, once a week. Apply now to speak with VIQU IT in confidence about the Security Risk Analyst role. Or reach out to Connor Smal via the VIQU IT website. Do you know someone great? We’ll thank you with up to £1,000 if your referral is successful (terms apply). For more exciting roles and opportunities like this, please follow us on LinkedIn @VIQU IT Recruitment.

Consultant / Expert GRC (IT & OT) – Mission Audit et Conformité Contexte : Au sein de l’équipe GRC (Governance, Risk & Compliance), le consultant sera chargé de mettre en place et de dérouler des inventaires et audits IT/OT pour les différentes entités du client. Missions principales : Définir les plans d’audit et de contrôle de sécurité (IT et OT) au sein de l’organisation. Réaliser et documenter les audits et contrôles périodiques ou ponctuels. Analyser et traiter les demandes sur le périmètre IT/OT en garantissant la qualité et les délais des réponses. Évaluer la conformité des entités aux normes et référentiels en vigueur (ISO 27001, NIS2, etc.). Contribuer à la mise à jour et à l’amélioration continue du socle documentaire existant (procédures, politiques, guides). Profil recherché : Expérience : 5 à 7 ans minimum en audit, conformité ou cybersécurité, idéalement avec une exposition aux environnements industriels (OT). Compétences techniques : Maîtrise des référentiels de sécurité et de conformité (ISO 27001, NIST, NIS2, ANSSI, etc.). Connaissances solides des environnements IT et OT. Expérience en audits de sécurité, contrôle interne et conformité réglementaire. Compétences transverses : Capacité à piloter un plan d’audit et à formaliser des livrables clairs et exploitables. Rigueur documentaire et esprit de synthèse. Bon relationnel, capacité à interagir avec des interlocuteurs variés (IT, métiers, filiales internationales). Langues : anglais professionnel indispensable (audit des filiales à l’international). Lieu : Mission basée à Bruz (région rennaise) ou Paris

Global Resilience Risk Specialist Technology Risk Lead Global Operational and Resilience Risk (ORR) is a sub function of Group Risk. Its purpose is to make sure the bank understands, and is in control of its non-financial risk position. In addition, the function provides resilience risk stewardship to global businesses, functions and entities we operate in. This is achieved through: Completing analytical assessments and opining on the control environment of the First Line of Defence (1LOD) within Businesses Constructive challenge to the global businesses and functions on their control environment and assessment of risk Oversight of emerging risks, strategic business initiatives and local change activity and new/materially changed products Analysis of risk exposure across all bank operations and territories to inform capital management and stress testing requirements Completing thematic reviews and aggregated reporting of the Non-Financial Risk profile of the bank Responsibility for the implementation of a Risk Management Framework (RMF) that sets out governance, policies and practices to proactively identify, assess, measure and report on, mitigate and control operational risk exposures associated with the businesses and operations at all levels of the organization. The role holder will maintain close working relationships with the wider ORR team, locally, globally and globally Key Accountabilities: The role holder will have global responsibility for: Leading the deployment of deep subject matter expertise around technology risk globally Providing issues, event and incident oversight, including specialist oversight of technical controls globally Supporting country and global ORR Managers with all technology risk related queries Providing advice, guidance and challenge to senior businesses, functions and entity management, ensuring robust opinion is provided through global governance Recommending risk appetite thresholds for technology risk, and oversee risk appetite monitoring Providing guidance and support with policy writing, owning and monitoring compliance with a comprehensive set of clear and concise policies that outline the key principles and minimum requirements applicable to the management of technology risk Engaging with risk owners, control owners and risk stewards to ensure technology risks are managed in accordance to policy Overseeing compliance, for example, through the Risk and Control Assessment process, Top Risk Assessments and Incident Management process Promoting and developing technology risk awareness and risk management culture in order to ensure that the material risks are both evident and effectively managed Identifying any concerning trends and challenging the business to address these Leading on defining the risk and control library, including minimum control standards, with input from Risk Owners, Business Service and Control Owners, specifying key risks and key controls Recommending RCA scoping for technology risk controls and challenge where this is not appropriately applied in the RCA Driving appropriate governance for technology risk across key stakeholders and senior control owners Reporting on risk and control profile, including impacts of external environment changes, emerging risks and changes to the business strategy Monitoring the local external environment to get early sight of emerging risks and provide detailed guidance on controls required to mitigate against them Providing technical guidance to support development and completion of ORR and regulatory reporting obligations (e.g. RAS, top & emerging risks, risk profile reporting, RMM, Board reporting where relevant, etc.) Ensuring any concerns with key controls and material change programmes, relevant to technology risk, are understood and escalated as required Leading regulator and audit engagement pertaining to technology risk; ensure regulatory compliance for technology risk and timely completion of audit actions and findings Support training and capability uplift across ORR to ensure robust understanding of Technology risk. Requirements: Strong leader with the ability to influence at the senior levels of the organisation Expert level of technology risk management knowledge and relevant deep experience in this field Comprehensive knowledge of the internal control environment Ability to communicate effectively, building strong relationships and influence senior internal and external stakeholders Comprehensive knowledge of the external environment (threat, regulatory, geopolitical, competitor, technological landscapes) A change agent who challenges the status quo constructively and positively, leading relevant strategies that enable safe growth of the bank An advanced degree preferable in relevant discipline (e.g. Masters, Doctorate etc.) Location: Kraków The Client will consider candidates from France, Germany UK etc… to work remotely whilst we are in a Pandemic and probably 2 days a week in Krakow after that point. Salary will be in the range of Euros 75K – Euros 95K. Do send your CV to us in Word format along with your monthly salary either in Euros or PLZ.

Description At Engine by Starling , we are on a mission to find and work with leading banks all around the world who have the ambition to build rapid growth businesses, on our technology. Engine is Starling's software-as-a-service (SaaS) business, the technology that was built to power Starling, and two years ago we split out as a separate business. Starling has seen exceptional growth and success, and a large part of that is down to the fact that we have built our own modern technology from the ground up. This SaaS technology platform is now available to banks and financial institutions all around the world, enabling them to benefit from the innovative digital features, and efficient back-office processes that has helped achieve Starling's success. As a company, everyone is expected to roll up their sleeves to help deliver great outcomes for our clients. We are an engineering led company and we're looking for people who are will be excited by the potential for Engine's technology to transform banking in different markets around the world. Our purpose is underpinned by five values: Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness. Hybrid Working We have a Hybrid approach to working here at Engine - our preference is that you're located within a commutable distance of our offices so that we're able to interact and collaborate in person. Role Purpose This role is part of the Risk & Compliance team. The purpose of this role is to be a key player in the delivery of Engine's Risk Management Framework, to ensure that Engine: Is effectively identifying and managing risk across all its activities (both in the UK and internationally) Operates within the agreed risk appetite(s) Continues to meet the Group risk standards, Engine's risk standards, relevant industry standards and that our clients can be confident in our ability to identify and mitigate risk in a clear and timely manner. The role works with the Compliance Director, the Risk & Compliance Team and our Information Security and Legal colleagues to ensure that Engine is identifying and managing risk in the jurisdictions in which we are currently or in which we are planning to operate, in a clear, transparent and repeatable manner within our own and Group Policies and Risk Appetites. Key Accountabilities or Responsibilities: Embed and then mature the operation of Engine's Risk Management Framework, including Engine's Risk Appetite Framework, capturing and mitigating Enterprise risks, and ongoing Operational Risk Management. Facilitate the implementation of a risk management tool to enable more effective tracking, Management Information and aggregated Group reporting as appropriate. Build out Engine's RCSA process, and run it (including tracking actions to completion and reporting on progress). As part of this, support wider business areas with identifying, understanding and documenting risks across all current and planned activities. Work with the wider team to carry out Risk Assessments relating to business change, global expansion etc. Contribute to risk assessments and risk reporting to the Engine Management Team, Committees and Board as required. Work closely with the Starling Group and Engine Risk functions, Engine's management team, Information Security team, legal team and other key stakeholders to achieve all of the above.

Nous cherchons un MOA/Chef de Projet pour le projet GRC IT, solution GRC/IRM monde avec +10000 utilisateurs. Minimum 10 ans d’expérience professionnelle avec min 5 ans dans des activités évolutions logiciel (Cadrage des projets, rédaction des user stories, échange avec le dev, UAT, mises en prod…) Connaissances sur ce type de thématiques IT : IT Risk, IT Compliance & Control, Integrated Risk Management, Audit … Expérience et capacités dans la gestion des projets importants, dans des organisations complexes avec des équipes multiculturelles. Très bon niveau d’anglais Les plus : Avoir des connaissances des solutions/outils IRM/GRC, par exemple : RSA Archer, ServiceNow, Enablon, MetricStream, Egerie, Riskonnect… Expérience dans ServiceNow Les profils opérationnels qui n’ont pas été MOA/BA d’un outil pendant 5 ans ne conviennent pas

IT Technology Planning & Governance Manager with Enterprise Architect Solutions Our Client is a leading company in the UK who are looking to recruit a candidate with at least 10 years expertise in IT technology and governance planning with Enterprise Architect Solutions experience. The role is Technology Planning Manager where you be responsible for the ongoing development and maintenance of the technology alignment roadmap for Corporate working closely with senior stakeholders, systems owners and 3 parties to deliver innovation. Lead day-to-day support and management of the core business Applications Portfolio lifecycle including but not limited to Finance, Legal, Property, Pensions, Treasury, HR, Business Development, Payroll and our Corporate Intranet ensuring that delivery of change is fit for purpose, of high quality, reliable and secure. Role Responsibilities Drive customer-centricity and stakeholder engagement, work closely with Corp functions to align application roadmaps with the combined Corp IT / SSC annual technology plans and dependencies. Work with senior stakeholders to build, document and map business capability to solution architecture across the Corp. Take ownership and develop a technology roadmap that meets the application requirements of the Corp to support the wider Company businesses. Evaluate the potential impacts of application workloads moving to cloud, notwithstanding the threats and opportunities for Corp functions. Shape, create and present business cases for high level initiatives, seek approval, funding and prioritisation with senior stakeholders. Understand the capital allocation requirement across the Corp functions plus the overall impact of application change on the operational expenditure budget. Align technology roadmaps and annual budget planning, use as the foundation for reporting on the state of the Corp Application portfolio. Provide technical leadership for Corp initiatives engaging across the Company where corporate applications service the wider businesses. Solve complex business problems with process and technology that cut across Corp group such as Identity and Access Management. Document and review IT standards, procedures and policies to ensure compliance with legal and regulatory requirements. Liaise with internal and external audit teams. Develop and adapt innovation tools and processes to drive operational excellence within Corp IT. Establish and maintain a consistent and integrated approach to information security and data protection governance in line with audit requirements. Create alignment on how to utilise governance forums such as User Experience and Architecture to improve services delivered to Corp functions. Manage solution architects, contractors, 3 Parties and business analyst in the future. Experience Required Significant and relevant progressive IT experience Experience of being in a practical solution planning and technical architecture design role is essential e.g. SaaS, Identity and Access Management Good understanding of emerging and innovative technologies, how to shape, deliver and leverage those technologies Experience of architecture business capability mapping, data management governance, technology roadmaps and project delivery lifecycle processes. Experience of ensuring compliance between corporate business application roadmaps and IT roadmaps. Experience of working within an ITIL service management environment with strong knowledge of business systems or applications within a corporate environment. Ability to deal with and manage conflicts whilst building successful business relationships across a range of stakeholder groups both internal and external to the organisation. Proven leadership skills, setting objectives and ensuring delivery of services to target Proven contract management, supplier management, procurement, and vendor selection experience Experience of systems such as Microsoft Office 365, Dynamics 365, SAP Success Factors, Treasury Openlink Findur, CMS, BACs Payment Platforms, Microsoft Power BI, Integration/ETL, Azure Active Directory Single Sign On and other bespoke applications Experience in executing business continuity planning and IT DRP Creating solution and technical application architectures, IT standards and policies Day-to-Day management of the Application Portfolio, its currency, dependencies and risk Technical lead on major system changes and upgrades Responsible for the development and management of Solution Architects, Business Analyst and contract resources Provide support to Corporate functions and wider businesses to enable them to optimise their use of corporate applications Vendor Management and selection (RFIs / RFP support) The Client is based in Central London. The salary for this role will be in the range of £90K - £110K + Benefits. Please do send your CV to us in Word format along with your salary and availability.

Consultant(e) GRC Contexte : Nous recherchons un consultant GRC (Governance, Risk & Compliance) afin de structurer et opérer la gouvernance sécurité, accélérer l’implémentation ISO (27001/27002/27005) et renforcer la conformité réglementaire. Vous interviendrez au sein d’équipes internationales, en lien étroit avec le CISO, pour définir des policies, conduire des assessments, piloter le risk management et préparer les audits. Le besoin est opérationnel: au‑delà de la gestion de projet, vous mettez les mains dans l’exécution (evidence management, remédiations, tableaux de bord). Description de la mission Définir, formaliser et maintenir le corpus de politiques/standards/procédures GRC (charte, RACI, contrôles). Réaliser des évaluations de maturité et de conformité, gap analysis et priorisation. Piloter la gestion des risques: registre, KRIs, comités de risque, suivi et reporting exécutif. Couvrir le cadre légal/réglementaire: GDPR, PSD2, exigences CSSF; cartographie, preuves et remédiations. Préparer et accompagner les audits internes/externes: plan d’audit, collecte de preuves, traitement des non‑conformités. Encadrer la sécurité des tiers: due diligence, exigences contractuelles, suivi des plans d’actions. Sensibiliser et accompagner le changement; produire tableaux de bord (KPIs/KRIs) pour la direction. Contribuer à l’outillage GRC (ex. Archer, ServiceNow GRC, OneTrust) et à l’amélioration continue.

Description Hello, we're Starling. We built a new kind of bank because we knew technology had the power to help people save, spend and manage their money in a new and transformative way. We're a fully licensed UK bank with the culture and spirit of a fast-moving, disruptive tech company. We're a bank, but better: fairer, easier to use and designed to demystify money for everyone. We employ more than 3,000 people across our London, Southampton, Cardiff and Manchester offices. As a Senior Credit Risk Analyst, you'll play a key role in shaping the future of our lending portfolios. You'll be at the forefront of credit decision optimisation, using data-driven insights to refine our strategies across the credit risk lifecycle. You'll help ensure lending decisions remain accurate, responsible, and aligned with our risk appetite and business goals, while supporting growth, customer outcomes and regulatory expectations. This is a high-impact role where your analytical expertise and curiosity will directly influence our ability to lend safely and fairly. Key Responsibilities - Develop expert understanding of new business originations and in-life credit risk management, including all aspects of credit decisioning and customer journeys - Optimise our credit underwriting - both automated and manual - to improve accuracy, efficiency, and control - Monitor and evaluate strategy performance, including underwriting, limit changes to drive performance improvements. - Investigate and develop new data sources to enhance insight and decision capability - Build and maintain datasets, dashboards and MI to support data-driven strategy decisions - Support business growth and profitability while balancing risk, reward and responsible lending - Work closely with 2LoD Credit Risk and Compliance to ensure strategies align with risk appetite and regulatory expectations - Collaborate with Product, Data and Engineering teams to deliver rapid, safe implementation of credit rules and enhancements - Produce thoughtful, actionable analysis and clear recommendations for decision-makers