IT Audit Risk & Control Specialist

Position: IT Audit Risk & Control Specialist |
** Santander UK
** is looking for an
** IT Risk & Control Specialist
** based out of
** Milton Keynes**.
* Leading and promoting a solid culture of risk awareness and management across the function.
* Develop, recommend, implement control measures to maintain risk management practices in technology for financial services while keeping up to date with industry best standards.
* Prepare reports for executive management, Board and regulatory bodies as needed.
* Provide thought-leadership as the Risk and Controls specialist for all cloud and on-premise technology.
* Ensure controls are effective, efficient, and aligned with best practices, regulatory and company requirements.
* Leading by example, fosters a culture of control which balances risk reduction through control effectiveness against the needs of the business and its customers.
* ** Providing senior oversight of audit facilitation and support
** across multiple stakeholder areas, ensuring the integrity and consistency of golden source data, proactively addressing impediments to fieldwork delivery, and escalating material issues where audit timelines or outcomes are at risk. (Required)
* Proven experience managing relationships with internal and external auditors, business and technology stakeholders and leading large-scale assessment programmes. (Required)
* ** Delivering insightful management information and reporting
** by leveraging data analytics and advanced analysis techniques to interrogate large and complex datasets, identifying trends, control weaknesses, or anomalies indicative of heightened technology risk. (Required)
* ** Holding end‑to‑end accountability for audit delivery**, ensuring audits progress in line with agreed plans, milestones are met, and management actions are remediated within agreed time frames, with clear escalation of delays or control concerns to senior governance forums. (Required)
* ** Producing clear, executive‑level audit reporting
** for senior stakeholders, articulating key risks, control deficiencies, root causes, and priority remediation actions in a concise and decision‑focused manner. (Required)
* ** Driving continuous improvement of IT processes and control environments
** by identifying opportunities arising from audit outcomes, regulatory expectations, and industry best practice, and influencing stakeholders to implement sustainable control enhancements. (Required)
* In-depth knowledge and experience of operating at a senior level in risk management with a demonstratable understanding of current regulatory and IT Risk & Control Management. (Required)
* Excellent communication skills with stakeholders at all levels of the organisation, including technical and non-technical teams. (Required)
* Extensive Experience working in regulated industries and Tier 1 Banks, in particular leveraging technology standards, frameworks, compliance, and industry recognised best practice / standards. (Required)
* Experience with GRC tools and data analytics to enhance efficiency and insight. (Preferred)
* Professional certifications such as Certified Risk Management Professional (CRMP), Certified Internal Auditor (CIA), or similar are advantageous. (Preferred)
* Experience of building high performance teams. (Preferred)
* Strong understanding of IT risk and control frameworks (Required)
* Experience with cloud and on-premises technology environments (Required)
* Ability to interpret and apply regulatory requirements to IT environments (Required)
* Experience with audit processes and risk assessments (Required)
* Knowledge of cyber security principles and best practices (Preferred)
* Excellent communication skills with stakeholders at all levels, including technical and non-technical teams (Required)
* Strong analytical and problem-solving skills (Required)
* Ability to influence and negotiate with stakeholders on risk acceptance decisions (Required)
* Leadership and team-building skills (Required)
* High attention to detail and accuracy (Required)
* Ability to work independently and as part of a team (Required)
* Adaptability and willingness to embrace change (Preferred)
* Strong organisational and time management skills (Preferred)
* 30 days’…