We are delighted to announce that Audit & Risk Recruitment have been exclusively mandated by a FTSE 250 business to help build an Audit, Risk and Compliance function for a leading FMCG brand in Scotland.

The IT Risk & Controls Manager, who reports into the Head of Risk, is responsible for overseeing the identification, assessment, and mitigation of IT-related risks within the organisation.

This role involves developing and implementing IT risk management and control frameworks, ensuring robust internal controls, and maintaining compliance with regulatory requirements. The IT Risk & Controls Manager will collaborate with various IT and business units to enhance the organisation’s overall risk posture.

Key Responsibilities:

• Identify, assess, and prioritize IT risks, including cybersecurity, data privacy, and operational risks.
• Design and implement effective IT controls to mitigate identified risks.
• Monitor and evaluate the effectiveness of IT controls and risk management strategies.
• Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, ISO 27001).
• Prepare and present IT risk reports to senior management and the board of directors.
• Conduct training and awareness programs on IT risk and controls.

Qualifications & Experience

• Minimum of 5 years of experience in IT risk management, IT audit, or a related field.
• Strong understanding of IT risk management principles and practices.
• In-depth knowledge of IT risk management and control frameworks e.g COBIT, ITIL
• Ability to analyse complex IT environments and identify potential risks.
• Excellent organizational and project management skills.
• High attention to detail and accuracy.
• Strong leadership and influencing skills