Senior Risk Analyst
About the Role
IT Risk Analyst, Warwick
You will provide support and advice to National Grid IT Delivery Centres (DCs), and challenge and monitor (through metrics and assessments) the way that risks are managed, controls are implemented, and findings are addressed. This is a 2nd line role in the 3 Line of Defence model for Risk Management.
You will take the lead in improving processes and coaching members of the team and reviewing their work.
The purpose of the role is:
• To provide ongoing support, advice and challenge for 1st line of defence. Build knowledge of, and good working relationships with, assigned DC(s).
• To be an SME on specific risks and related controls in providing such advice and support.
• To work with the IT DCs and other Technology Risk and Security teams to evolve our Risk Universe and Control Framework to address identified weaknesses and emerging threats.
• To assess the effectiveness of controls through the creation of KPIs/KRIs, analysis of metric data and by conducting assessments.
• To ensure risks are accurately articulated and appropriate business and IT approval is sought where risks are being accepted or exceptions are being granted.
• Work with the 1st line of defence to identify risk event root causes and remediation plans.
• To manage risks, controls and findings within the eGRC tool.
• To act as a role model for and coach more junior members of the team.
• To review work done by other members of the team as part of defined QA processes.
About You
You will have:
• Risk Management and Information Security certifications such as CRISC, CISSP, CISM or CEH.
• Experience in managing information systems or information/cyber security risk according to an industry standard approach.
• Knowledge of the 3 Line of Defence model for Risk Management.
• Ability to demonstrate a high degree of credibility and influence senior stakeholders within the Organisation.
• Ability to communicate effectively both orally and in writing.
• Excellent knowledge of information/cyber security and related principles.
• Thorough knowledge of IT and information/cyber security controls.
• Self-motivated, able to deliver with minimal supervision, and always aware of the “bigger picture”.
• Experience of relevant standards, frameworks and regulations including some of: NIS Directive, GDPR, NERC CIP, Sarbanes Oxley, PCI, NIST Cyber Security Framework, HIPAA, UK Directive 105, US Data Privacy related laws, CFATS, CCPA, MAS 201, RIITPA, NIST 800-53, COBIT 5.
Experience with Critical National Infrastructure (CNI) and utility industry experience preferred.
About Us
National Grid touches the lives of almost everyone in the UK, with an energy network that stretches across the Atlantic. We’re an international team, and our work underpins the lives of millions of people. Feet forwards, head up, and eyes bright, we’re working hard to create value for people today – and shape the future of energy tomorrow.
In the UK, we don’t generate or sell energy – we join the dots to get energy from A to B. From making a cup of tea in the morning, to keeping the lights on in hospitals, our electricity network puts power in the hands of people. Without it, the world as we know it would grind to a halt.
The world of energy is changing beyond recognition. Working at National Grid, you won’t just be touching the lives of almost everyone in the UK – you’ll be shaping the way we use and consume energy for generations to come.
Our Values & Principles
At National Grid, through listening to what our customers need, every day we do the right thing and find a better way.
As a National Grid employee, you’ll treat our customers as a priority, taking time to listen and work with them to help give them the best experience we possibly can. You’ll need to be proactive and flexible in your approach and continually look for ways to exceed their expectations – sometimes in unexpected and helpful ways. You’ll provide accessible information when our customers need it and make things simple by using your expertise to guide them. Above all, you’ll follow through on your promises to deliver value, drive efficiency and give them a great customer experience.
We offer inclusion and diversity training for everyone here at National Grid, with a view to building an inclusive working environment and developing all our employees. Training opportunities range from unconscious bias and reverse mentoring to targeted training initiatives which are tailored to support our diverse and innovative workforce.
What You'll Get
A highly competitive salary
As well as your base salary, you will receive a bonus based on personal and company performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.