Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role The Risk, Compliance & Resilience Advisor shall help to manage compliance and assurance for supporting the Senior Manager - Risk & Compliance and Risk & Resilience Lead by ensuring that: Risk Assessment: Assist in identifying, assessing, and prioritising risks across the organisation. Conduct risk assessments to evaluate the likelihood and potential impact of risks on business operations and objectives Compliance Monitoring: Monitor regulatory developments and changes in laws, regulations, and industry standards. Assess the organisation's compliance with applicable regulations, standards, and internal policies Resilience Planning: Support the Global Risk & Resilience Lead in the Development and maintenance of IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions Incident Response and Management: Provide support in DR related incident response activities, including investigating IT security incidents, breaches, and disruptions Issue Identification: Identify and document risk deficiencies, compliance gaps, and areas for improvement. Collaborate with stakeholders to develop actionable recommendations and corrective action plans to address identified issues Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. 
Prepare regular reports for management and stakeholders on the status of risk, compliance, and control activities Policy and Procedure Development: Assist in the development and maintenance of risk management, compliance, and control related policies, procedures, and guidelines. Ensure alignment with regulatory requirements and industry best practices in alignment with the Global IS Governance Lead Vendor Risk Management Support: Assist in assessing and managing risks associated with third party vendors and service providers. Evaluate vendor controls and adherence to contractual obligations Continuous Improvement: Identify opportunities for enhancing risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's risk and control environment Project Work: Contribute to project activities as required to ensure GRC requirements are understood and addressed Areas of Accountability, Responsibility and Competence Level Works with the Global Risk & Compliance Senior Manager to support IS in the delivery of governance, compliance, and risk activities, whilst supporting the Integration projects Supports the execution of the security, audit, and compliance activities Supports the Global Risk & Compliance Senior Manager by ensuring the successful delivery of initiatives and projects within the Risk and Compliance environment Supports the Risk & Compliance Senior Manager, and Risk & Resilience Lead in any required activities which support improvements in assurance, compliance, and audit activities Addresses findings from identified risks or audits Ensures the ISMS contains an accurate record of risks, events, and issues Supports the internal and external audit investigations Ensures that the audit tests, self certifications, and audit reviews are relevant, consistent, and conducted in accordance with professionally accepted auditing standards Works with minimal supervision, using clearly defined processes and 
procedures Facilitates the use of performance metrics to improve output May be required to provide out of hours support via an on call rota Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and non technical audiences Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes CISA, CISM or equivalent preferred BSc or equivalent qualification in IT based degree preferred 3+ years relevant IT work experience Proven ability to communicate with technical teams to elicit information and requirements Understanding of regulatory requirements, including cross industry regulations (e.g., GDPR, Data Protection Act) and industry specific regulations Skilled in implementing compliance and control frameworks Proficient in IT governance and quality standards Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework Excellent stakeholder management skills High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity Knowledge of OneTrust risk management toolset or similar preferred At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. 
In addition to a Competitive Salary, here's what you can expect as part of our benefits package: Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well being, and insurance schemes. At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
Apr 17, 2026
Full time
Position: Business Analyst - Manufacturing & Operational Technology Location: London or Reading 2 days p/week; 3 days remote Type: Contract, Inside IR35, 6 Months Rate: £540 p/day (umbrella rate) We are looking for a Business Analyst to join a major cyber security transformation programme. This role sits within the Operational Technology (OT) workstream, focusing on protecting and strengthening the systems that underpin large-scale manufacturing operations. You will work closely with operational teams, technology functions, cyber security, and suppliers to translate complex operational and technical requirements into clear, actionable delivery artefacts. Your input will support the assessment, design, and rollout of OT security initiatives, helping to improve regulatory compliance, operational resilience, and long-term sustainability. Key Responsibilities Analyse existing OT processes, tools, and workflows to identify gaps and improvement opportunities Support pilots, deployments, and site rollouts, capturing feedback and refining processes Assist with supplier engagement, procurement documentation, and assurance of third-party deliverables Contribute to embedding governance frameworks, operating models, and a sustainable security culture Skills & Experience Strong business analysis skills with the ability to simplify complex information for operational teams Awareness of OT/industrial systems (SCADA, PLCs, MES, HMI) and cyber security principles Experience designing frameworks, models, or assessment criteria in risk, cyber, or operational contexts Excellent communication and stakeholder management skills This is a dynamic, multi-phase role for someone who enjoys shaping frameworks, driving consistency, and supporting large-scale transformation.
Apr 17, 2026
Full time
# About the Business

Quilter plc is a leading wealth management business, helping to enable brighter financial futures for every generation. Quilter oversees £141.2 billion in customer investments (as of December 2025). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth. Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business. High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning - offering a highly personalised service to private clients, charities, trustees, and professional partners. Quilter Cheviot has presence throughout the UK, Ireland and Channel Islands. At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve, including our colleagues. Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it's the perfect time to join us!

# About the Role

Level: 4
Department: Group Technology Solutions
Location: Southampton
Contract type: Permanent

We are seeking an experienced and passionate Product Analyst to be responsible for the maintenance and support of technology products within the business. The successful candidate will be focused on the customer experience and have deep hands-on experience in support and configuration of CRM-type platforms. 
With experience ideally in the wealth management sector, they will have a strong attention to detail and the flexibility to work in both product support environments and supporting high pressure change delivery teams on major product enhancements. The Product Analyst provides subject matter expertise in the given technology product to ensure that the solution operates effectively. The role is responsible for supporting system functionality, trouble shooting, system analysis, configuration, assisting with user-testing and documenting business processes / procedures in partnership with business functions. Key Responsibilities Product Support Provides first line support for user queries on Quilter technology products, applications functionality, and data within the assigned business area. Provides support for third-party products and in-house developed applications including configuration, data, intraday and overnight batch monitoring. Troubleshoots and supports system issues as and when they arise, tracking and monitoring. Tracks incidents and requests ensuring service delivery meets Quilter business unit requirements. Conducts research in response to inquiries using available information resources and identifies solutions to potential issues or redirects issue to the appropriate resource. Uses best practices and frameworks such as ITIL while working on Incident and Problem management. Supports execution of integrations to other applications. Provides support during office and out of hours for assigned projects and tasks as required. Develops and maintains documentation of system configuration and operational procedures. Creates, maintains and communicates procedural guides and knowledge base articles for team and customer use. Assists project / change teams with ad-hoc work as required. Partners with the assigned business area to understand new technology scope and its alignment with any new functionality and security. 
Develops and maintains awareness of divisional and data security and complies with policies and procedures. Platform Configuration & Maintenance Configures and maintains platform components. Ensures configuration implementations adhere to specifications, aligning with product design, regulatory requirements, and operational best practices. Follows change and version management best practices, always ensuring a high degree of control over live and development configuration states. Works with platform vendors to manage and migrate configuration changes across development, test and production environments. Quality Assurance & Testing Performs unit testing and provides configuration-related support for integration, non-functional and user acceptance testing (UAT). Validates configuration outcomes against business requirements and expected client behaviour. Works closely with Business Analysts and vendors to identify, record, triage and resolve defects. Change Delivery When required, works collaboratively in dynamic and geographically dispersed delivery teams, embracing rapidly evolving requirements and product features, and agile ways of working. Participates when needed in workshops with internal stakeholders, supporting the Business Analysts to clarify requirements and propose appropriate configuration based solutions. Contributes to the team's development of implementation plans, configuration timelines, and delivery milestones. Documentation & Knowledge Management Produces and maintains clear product documentation, including: + Implementation design documents + Detailed configuration specifications and data dictionaries + Change impact assessments + Operational and support guides Makes sure that configuration documentation is consistently updated and described with precise detail and accuracy. 
Supports knowledge transfer to other members of the product team, avoiding or resolving key person dependencies, and where required provides expertise to other programme and operational teams. Continuous Improvement Embodies a spirit of continuous improvement, working positively with the rest of the team to incrementally develop all aspects of product support practice. Identifies opportunities to standardise and optimise configurations to improve scalability, reduce complexity, and support team resiliency. Strives to improve the adviser and customer experience, increase productivity and drive efficiencies through optimal configuration design. Provides input on product limitations, enhancement opportunities, and recurring needs, as an input to the team's product improvement backlog, helping to represent these opportunities and needs to vendors. Stays informed on wealth management industry trends, regulatory developments, and platform capabilities.

# About You

Essential A strong understanding of wealth management concepts, processes, and operations. Deep hands-on experience in data capture, workflow, and/or document production configuration on large scale CRM platform implementations (e.g. Salesforce, MS Dynamics), ideally within the wealth management sector and in a cloud-based/SaaS environment. Experience working collaboratively with Business Analysts to ensure simultaneous and consistent delivery of both detailed configuration specifications and configuration assets in technology platforms. Shows great care in maintaining accuracy and data integrity, consistently paying close attention to details. An appreciation of the importance of delivering a high-quality user experience in CRM-type platform configuration Desirable Wealth management product support experience (especially Advice CRM platforms) or general experience with wealth management or other financial services platforms. 
Experience working in fast-paced and agile but change controlled environments with multiple stakeholders. Experience supporting large scale third party platform implementations. Demonstrated
Apr 09, 2026
Full time
# About the Business Quilter plc is a leading wealth management business, helping to enable brighter financial futures for every generation. Quilter oversees £141.2 billion in customer investments (as of December2025). It has an adviser and customer offering spanning financial advice, investment platforms, multi-asset investment solutions, and discretionary fund management. The business is comprised of two segments: Affluent and High Net Worth. Affluent encompasses the financial planning business, Quilter Financial Planning, the Quilter Investment Platform and Quilter Investors, the multi-asset investment solutions business. High Net Worth includes the discretionary fund management business, Quilter Cheviot, together with Quilter Cheviot Financial Planning - offering a highly personalised service to private clients, charities, trustees, and professional partners. Quilter Cheviot has presence throughout the UK, Ireland and Channel Islands. At Quilter we never stand still. Our foundations are rooted in our extraordinary expertise, which is trusted by hundreds of thousands of customers, but we have great ambitions to stay one step ahead and make an even greater difference to the people and communities we serve, including our colleagues. Our business is transforming, continually modernising, and becoming even more customer centric. So, if you want to be bold in the pursuit of your ambitions, bring new ideas, and challenge and evolve what we do, it's the perfect time to join us!# About the Role Level:4Department: Group Technology SolutionsLocation: SouthamptonContract type: PermanentWe are seeking an experienced and passionate Product Analyst to be responsible for the maintenance and support of technology products within the business. The successful candidate will be focused on the customer experience and have deep hands-on experience in support and configuration of CRM-type platforms. 
With experience ideally in the wealth management sector, they will have a strong attention to detail and the flexibility to work in both product support environments and supporting high pressure change delivery teams on major product enhancements.The Product Analyst provides subject matter expertise in the given technology product to ensure that the solution operates effectively. The role is responsible for supporting system functionality, trouble shooting, system analysis, configuration, assisting with user-testing and documenting business processes / procedures in partnership with business functions. Key Responsibilities Product Support Provides first line support for user queries on Quilter technology products, applications functionality, and data within the assigned business area. Provides support for third-party products and in-house developed applications including configuration, data, intraday and overnight batch monitoring. Troubleshoots and supports system issues as and when they arise, tracking and monitoring. Tracks incidents and requests ensuring service delivery meets Quilter business unit requirements. Conducts research in response to inquiries using available information resources and identifies solutions to potential issues or redirects issue to the appropriate resource. Uses best practices and frameworks such as ITIL while working on Incident and Problem management. Supports execution of integrations to other applications. Provides support during office and out of hours for assigned projects and tasks as required. Develops and maintains documentation of system configuration and operational procedures. Creates, maintains and communicates procedural guides and knowledge base articles for team and customer use. Assists project / change teams with ad-hoc work as required. Partners with the assigned business area to understand new technology scope and its alignment with any new functionality and security. 
Develops and maintains awareness of divisional and data security and complies with policies and procedures.

Platform Configuration & Maintenance
Configures and maintains platform components. Ensures configuration implementations adhere to specifications, aligning with product design, regulatory requirements, and operational best practices. Follows change and version management best practices, always ensuring a high degree of control over live and development configuration states. Works with platform vendors to manage and migrate configuration changes across development, test and production environments.

Quality Assurance & Testing
Performs unit testing and provides configuration-related support for integration, non-functional and user acceptance testing (UAT). Validates configuration outcomes against business requirements and expected client behaviour. Works closely with Business Analysts and vendors to identify, record, triage and resolve defects.

Change Delivery
When required, works collaboratively in dynamic and geographically dispersed delivery teams, embracing rapidly evolving requirements and product features, and agile ways of working. Participates when needed in workshops with internal stakeholders, supporting the Business Analysts to clarify requirements and propose appropriate configuration based solutions. Contributes to the team's development of implementation plans, configuration timelines, and delivery milestones.

Documentation & Knowledge Management
Produces and maintains clear product documentation, including:
+ Implementation design documents
+ Detailed configuration specifications and data dictionaries
+ Change impact assessments
+ Operational and support guides
Makes sure that configuration documentation is consistently updated and described with precise detail and accuracy. Supports knowledge transfer to other members of the product team, avoiding or resolving key person dependencies, and where required provides expertise to other programme and operational teams.

Continuous Improvement
Embodies a spirit of continuous improvement, working positively with the rest of the team to incrementally develop all aspects of product support practice. Identifies opportunities to standardise and optimise configurations to improve scalability, reduce complexity, and support team resiliency. Strives to improve the adviser and customer experience, increase productivity and drive efficiencies through optimal configuration design. Provides input on product limitations, enhancement opportunities, and recurring needs, as an input to the team's product improvement backlog, helping to represent these opportunities and needs to vendors. Stays informed on wealth management industry trends, regulatory developments, and platform capabilities.

# About You

Essential
A strong understanding of wealth management concepts, processes, and operations. Deep hands-on experience in data capture, workflow, and/or document production configuration on large scale CRM platform implementations (e.g. Salesforce, MS Dynamics), ideally within the wealth management sector and in a cloud-based/SaaS environment. Experience working collaboratively with Business Analysts to ensure simultaneous and consistent delivery of both detailed configuration specifications and configuration assets in technology platforms. Shows great care in maintaining accuracy and data integrity, consistently paying close attention to details. An appreciation of the importance of delivering a high-quality user experience in CRM-type platform configuration.

Desirable
Wealth management product support experience (especially Advice CRM platforms) or general experience with wealth management or other financial services platforms. Experience working in fast-paced and agile but change controlled environments with multiple stakeholders. Experience supporting large scale third party platform implementations. Demonstrated
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals.

About the role
The Risk, Compliance & Resilience Advisor shall help to manage compliance and assurance for supporting the Senior Manager - Risk & Compliance and Risk & Resilience Lead by ensuring that:
+ Risk Assessment: Assist in identifying, assessing, and prioritising risks across the organisation. Conduct risk assessments to evaluate the likelihood and potential impact of risks on business operations and objectives
+ Compliance Monitoring: Monitor regulatory developments and changes in laws, regulations, and industry standards. Assess the organisation's compliance with applicable regulations, standards, and internal policies
+ Resilience Planning: Support the Global Risk & Resilience Lead in the Development and maintenance of IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions
+ Incident Response and Management: Provide support in DR related incident response activities, including investigating IT security incidents, breaches, and disruptions
+ Issue Identification: Identify and document risk deficiencies, compliance gaps, and areas for improvement. Collaborate with stakeholders to develop actionable recommendations and corrective action plans to address identified issues
+ Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. Prepare regular reports for management and stakeholders on the status of risk, compliance, and control activities
+ Policy and Procedure Development: Assist in the development and maintenance of risk management, compliance, and control related policies, procedures, and guidelines. Ensure alignment with regulatory requirements and industry best practices in alignment with the Global IS Governance Lead
+ Vendor Risk Management Support: Assist in assessing and managing risks associated with third party vendors and service providers. Evaluate vendor controls and adherence to contractual obligations
+ Continuous Improvement: Identify opportunities for enhancing risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's risk and control environment
+ Project Work: Contribute to project activities as required to ensure GRC requirements are understood and addressed

Areas of Accountability, Responsibility and Competence Level
+ Works with the Global Risk & Compliance Senior Manager to support IS in the delivery of governance, compliance, and risk activities, whilst supporting the Integration projects
+ Supports the execution of the security, audit, and compliance activities
+ Supports the Global Risk & Compliance Senior Manager by ensuring the successful delivery of initiatives and projects within the Risk and Compliance environment
+ Supports the Risk & Compliance Senior Manager, and Risk & Resilience Lead in any required activities which support improvements in assurance, compliance, and audit activities
+ Addresses findings from identified risks or audits
+ Ensures the ISMS contains an accurate record of risks, events, and issues
+ Supports the internal and external audit investigations
+ Ensures that the audit tests, self certifications, and audit reviews are relevant, consistent, and conducted in accordance with professionally accepted auditing standards
+ Works with minimal supervision, using clearly defined processes and procedures
+ Facilitates the use of performance metrics to improve output
+ May be required to provide out of hours support via an on call rota
+ Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and non technical audiences
+ Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes
+ CISA, CISM or equivalent preferred
+ BSc or equivalent qualification in IT based degree preferred
+ 3+ years relevant IT work experience
+ Proven ability to communicate with technical teams to elicit information and requirements
+ Understanding of regulatory requirements, including cross industry regulations (e.g., GDPR, Data Protection Act) and industry specific regulations
+ Skilled in implementing compliance and control frameworks
+ Proficient in IT governance and quality standards
+ Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework
+ Excellent stakeholder management skills
+ High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity
+ Knowledge of OneTrust risk management toolset or similar preferred

At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life.

In addition to a Competitive Salary, here's what you can expect as part of our benefits package:
+ Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
+ Flexible working: Flexible work arrangements to support your work life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
+ A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well being, and insurance schemes.

At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
Apr 08, 2026
Full time