Job Title: Head of IT Location: Worcestershire across 3 sites (predominantly office based with flexibility for remote working of 1 day per week) Reports To: Partner, Head of Finance and Operations Department: Operational Support Direct Reports: 1 1st Line IT Support Technician Role Purpose The Head of IT has full accountability for the firm's information technology environment, ensuring it is secure, resilient, scalable and aligned to the firm's strategic and regulatory objectives. The role will also be responsible for driving the thoughtful and appropriate adoption of AI and automation, ensuring these technologies are used safely, ethically and pragmatically to enhance efficiency, decision making and client service. This is a senior leadership role with clear ownership of the end to end IT estate, including infrastructure, applications, cybersecurity, data and third party services. The role is responsible not only for operational stability, but for shaping and delivering the firm's technology roadmap so that technology actively supports business growth, efficiency and risk management. Working closely with senior leadership, the Head of IT will plan, prioritise and deliver technology initiatives using robust project management disciplines, ensuring change is well governed, outcomes focused and delivered with minimal disruption to the business. Core Accountabilities The overall performance, security and resilience of the firm's IT estate Ownership and continuous evolution of the business technology stack Delivery of IT and digital change programmes through effective project management Alignment of technology decisions with business strategy, regulatory obligations and operational risk IT governance, supplier performance, investment decisions and technology related risk Driving the responsible use of AI and automation to support efficiency, insight and business growth Key Responsibilities Technology Ownership & Infrastructure Own and manage the firm's IT infrastructure, including hardware, software, networks, cloud services, servers, storage, backup and disaster recovery Ensure systems are secure, reliable, well maintained and capable of scaling with business growth Proactively identify and address performance issues, capacity constraints and technical debt Oversee and coordinate external IT service providers where required Cybersecurity & Data Protection Hold overall accountability for the firm's cybersecurity posture Define, implement and enforce security policies, standards and controls Monitor systems and risks, responding appropriately to threats and incidents Ensure compliance with GDPR, data protection legislation and industry best practice Act as senior owner for IT related incidents, risk management and remediation Business Applications & Technology Stack Own the selection, implementation, integration and optimisation of core business systems Ensure applications are stable, well integrated and aligned to business processes Manage vendor relationships to maximise value, performance and reliability Ensure users are informed of relevant system changes and improvements IT Strategy, Projects & Change Delivery Define and maintain a clear IT strategy and multi year technology roadmap Translate strategic objectives into clearly scoped, prioritised and well governed IT projects Lead and deliver IT and digital change initiatives using appropriate project management methodologies Manage project plans, risks, dependencies, budgets and stakeholder communication Ensure technology change is delivered on time, within scope and aligned to business outcomes Business Continuity & Disaster Recovery Own and maintain disaster recovery and business continuity arrangements Ensure backups are robust, current and regularly tested Periodically test recovery processes and implement improvements Vendor, MSP & Contract Management Own the relationship and performance of the outsourced IT Managed Service Provider Manage all third party technology suppliers and service contracts Negotiate and review contracts and SLAs to ensure value, resilience and scalability Ensure contracts are renewed, replaced or exited in a controlled and timely manner Budget, Governance & Compliance Own the IT budget, cost forecasting and investment planning Ensure technology spend delivers clear business value Establish and maintain IT policies, procedures and governance frameworks Prepare for and manage IT audits and regulatory reviews Team Leadership & User Enablement Line manage and develop the 1st Line IT Support Technician Ensure users receive effective, timely and professional IT support Develop and deliver IT training to improve adoption and capability Maintain clear documentation, procedures and user guidance Key Skills & Experience Proven experience in a senior IT leadership role (IT Manager, IT Lead or Head of IT) Experience in accountancy, finance or professional services strongly preferred Strong knowledge of IT infrastructure, cloud platforms and business systems Demonstrable experience of cybersecurity, data protection and risk management Proven track record of delivering IT projects and managing technology change Strong vendor, contract and Managed Service Provider management experience Strong experience of building stakeholder relationships with Senior executives & C Suite. Proven line management, leadership and project management skills. Excellent communication and Team Player skills Strong decision making, prioritisation and problem solving abilities Qualifications Relevant certifications (e.g. Microsoft, ITIL, CompTIA, CISSP or similar) desirable Personal Attributes Clear ownership mindset with strong accountability Strategic thinker with a practical, delivery focused approach Confident decision maker able to balance risk, cost and business need Proactive, organised and comfortable managing competing priorities Able to operate both strategically and hands on when required Working Conditions Full time role, predominantly office based with some remote flexibility Occasional out of hours work for maintenance or critical incidents Benefits: Competitive salary 25 days annual leave, plus bank holidays Private Medical Health insurance Life Assurance Group Personal Pension Plan Electric Car scheme Cycle to Work Scheme Flexible Holiday Purchase Scheme Enhanced Family Pay - maternity, paternity, parental, and compassionate leave Employee Assistance Programme - 24/7 confidential helpline as well as online support If you wish to be considered for the role, please contact Joanne Harris on (phone number removed) or email me on (url removed)
Apr 30, 2026
Full time
Job Title: Head of IT Location: Worcestershire across 3 sites (predominantly office based with flexibility for remote working of 1 day per week) Reports To: Partner, Head of Finance and Operations Department: Operational Support Direct Reports: 1 1st Line IT Support Technician Role Purpose The Head of IT has full accountability for the firm's information technology environment, ensuring it is secure, resilient, scalable and aligned to the firm's strategic and regulatory objectives. The role will also be responsible for driving the thoughtful and appropriate adoption of AI and automation, ensuring these technologies are used safely, ethically and pragmatically to enhance efficiency, decision making and client service. This is a senior leadership role with clear ownership of the end to end IT estate, including infrastructure, applications, cybersecurity, data and third party services. The role is responsible not only for operational stability, but for shaping and delivering the firm's technology roadmap so that technology actively supports business growth, efficiency and risk management. Working closely with senior leadership, the Head of IT will plan, prioritise and deliver technology initiatives using robust project management disciplines, ensuring change is well governed, outcomes focused and delivered with minimal disruption to the business. Core Accountabilities The overall performance, security and resilience of the firm's IT estate Ownership and continuous evolution of the business technology stack Delivery of IT and digital change programmes through effective project management Alignment of technology decisions with business strategy, regulatory obligations and operational risk IT governance, supplier performance, investment decisions and technology related risk Driving the responsible use of AI and automation to support efficiency, insight and business growth Key Responsibilities Technology Ownership & Infrastructure Own and manage the firm's IT infrastructure, including hardware, software, networks, cloud services, servers, storage, backup and disaster recovery Ensure systems are secure, reliable, well maintained and capable of scaling with business growth Proactively identify and address performance issues, capacity constraints and technical debt Oversee and coordinate external IT service providers where required Cybersecurity & Data Protection Hold overall accountability for the firm's cybersecurity posture Define, implement and enforce security policies, standards and controls Monitor systems and risks, responding appropriately to threats and incidents Ensure compliance with GDPR, data protection legislation and industry best practice Act as senior owner for IT related incidents, risk management and remediation Business Applications & Technology Stack Own the selection, implementation, integration and optimisation of core business systems Ensure applications are stable, well integrated and aligned to business processes Manage vendor relationships to maximise value, performance and reliability Ensure users are informed of relevant system changes and improvements IT Strategy, Projects & Change Delivery Define and maintain a clear IT strategy and multi year technology roadmap Translate strategic objectives into clearly scoped, prioritised and well governed IT projects Lead and deliver IT and digital change initiatives using appropriate project management methodologies Manage project plans, risks, dependencies, budgets and stakeholder communication Ensure technology change is delivered on time, within scope and aligned to business outcomes Business Continuity & Disaster Recovery Own and maintain disaster recovery and business continuity arrangements Ensure backups are robust, current and regularly tested Periodically test recovery processes and implement improvements Vendor, MSP & Contract Management Own the relationship and performance of the outsourced IT Managed Service Provider Manage all third party technology suppliers and service contracts Negotiate and review contracts and SLAs to ensure value, resilience and scalability Ensure contracts are renewed, replaced or exited in a controlled and timely manner Budget, Governance & Compliance Own the IT budget, cost forecasting and investment planning Ensure technology spend delivers clear business value Establish and maintain IT policies, procedures and governance frameworks Prepare for and manage IT audits and regulatory reviews Team Leadership & User Enablement Line manage and develop the 1st Line IT Support Technician Ensure users receive effective, timely and professional IT support Develop and deliver IT training to improve adoption and capability Maintain clear documentation, procedures and user guidance Key Skills & Experience Proven experience in a senior IT leadership role (IT Manager, IT Lead or Head of IT) Experience in accountancy, finance or professional services strongly preferred Strong knowledge of IT infrastructure, cloud platforms and business systems Demonstrable experience of cybersecurity, data protection and risk management Proven track record of delivering IT projects and managing technology change Strong vendor, contract and Managed Service Provider management experience Strong experience of building stakeholder relationships with Senior executives & C Suite. Proven line management, leadership and project management skills. Excellent communication and Team Player skills Strong decision making, prioritisation and problem solving abilities Qualifications Relevant certifications (e.g. Microsoft, ITIL, CompTIA, CISSP or similar) desirable Personal Attributes Clear ownership mindset with strong accountability Strategic thinker with a practical, delivery focused approach Confident decision maker able to balance risk, cost and business need Proactive, organised and comfortable managing competing priorities Able to operate both strategically and hands on when required Working Conditions Full time role, predominantly office based with some remote flexibility Occasional out of hours work for maintenance or critical incidents Benefits: Competitive salary 25 days annual leave, plus bank holidays Private Medical Health insurance Life Assurance Group Personal Pension Plan Electric Car scheme Cycle to Work Scheme Flexible Holiday Purchase Scheme Enhanced Family Pay - maternity, paternity, parental, and compassionate leave Employee Assistance Programme - 24/7 confidential helpline as well as online support If you wish to be considered for the role, please contact Joanne Harris on (phone number removed) or email me on (url removed)
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role The Risk, Compliance & Resilience Advisor shall help to manage compliance and assurance for supporting the Senior Manager - Risk & Compliance and Risk & Resilience Lead by ensuring that: Risk Assessment: Assist in identifying, assessing, and prioritising risks across the organisation. Conduct risk assessments to evaluate the likelihood and potential impact of risks on business operations and objectives Compliance Monitoring: Monitor regulatory developments and changes in laws, regulations, and industry standards. Assess the organisation's compliance with applicable regulations, standards, and internal policies Resilience Planning: Support the Global Risk & Resilience Lead in the Development and maintenance of IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions Incident Response and Management: Provide support in DR related incident response activities, including investigating IT security incidents, breaches, and disruptions Issue Identification: Identify and document risk deficiencies, compliance gaps, and areas for improvement. Collaborate with stakeholders to develop actionable recommendations and corrective action plans to address identified issues Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. Prepare regular reports for management and stakeholders on the status of risk, compliance, and control activities Policy and Procedure Development: Assist in the development and maintenance of risk management, compliance, and control related policies, procedures, and guidelines. Ensure alignment with regulatory requirements and industry best practices in alignment with the Global IS Governance Lead Vendor Risk Management Support: Assist in assessing and managing risks associated with third party vendors and service providers. Evaluate vendor controls and adherence to contractual obligations Continuous Improvement: Identify opportunities for enhancing risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's risk and control environment Project Work: Contribute to project activities as required to ensure GRC requirements are understood and addressed Areas of Accountability, Responsibility and Competence Level Works with the Global Risk & Compliance Senior Manager to support IS in the delivery of governance, compliance, and risk activities, whilst supporting the Integration projects Supports the execution of the security, audit, and compliance activities Supports the Global Risk & Compliance Senior Manager by ensuring the successful delivery of initiatives and projects within the Risk and Compliance environment Supports the Risk & Compliance Senior Manager, and Risk & Resilience Lead in any required activities which support improvements in assurance, compliance, and audit activities Addresses findings from identified risks or audits Ensures the ISMS contains an accurate record of risks, events, and issues Supports the internal and external audit investigations Ensures that the audit tests, self certifications, and audit reviews are relevant, consistent, and conducted in accordance with professionally accepted auditing standards Works with minimal supervision, using clearly defined processes and procedures Facilitates the use of performance metrics to improve output May be required to provide out of hours support via an on call rota Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and non technical audiences Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes CISA, CISM or equivalent preferred BSc or equivalent qualification in IT based degree preferred 3+ years relevant IT work experience Proven ability to communicate with technical teams to elicit information and requirements Understanding of regulatory requirements, including cross industry regulations (e.g., GDPR, Data Protection Act) and industry specific regulations Skilled in implementing compliance and control frameworks Proficient in IT governance and quality standards Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework Excellent stakeholder management skills High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity Knowledge of OneTrust risk management toolset or similar preferred At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package: Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well being, and insurance schemes. At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
Apr 17, 2026
Full time
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role The Risk, Compliance & Resilience Advisor shall help to manage compliance and assurance for supporting the Senior Manager - Risk & Compliance and Risk & Resilience Lead by ensuring that: Risk Assessment: Assist in identifying, assessing, and prioritising risks across the organisation. Conduct risk assessments to evaluate the likelihood and potential impact of risks on business operations and objectives Compliance Monitoring: Monitor regulatory developments and changes in laws, regulations, and industry standards. Assess the organisation's compliance with applicable regulations, standards, and internal policies Resilience Planning: Support the Global Risk & Resilience Lead in the Development and maintenance of IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions Incident Response and Management: Provide support in DR related incident response activities, including investigating IT security incidents, breaches, and disruptions Issue Identification: Identify and document risk deficiencies, compliance gaps, and areas for improvement. Collaborate with stakeholders to develop actionable recommendations and corrective action plans to address identified issues Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. Prepare regular reports for management and stakeholders on the status of risk, compliance, and control activities Policy and Procedure Development: Assist in the development and maintenance of risk management, compliance, and control related policies, procedures, and guidelines. Ensure alignment with regulatory requirements and industry best practices in alignment with the Global IS Governance Lead Vendor Risk Management Support: Assist in assessing and managing risks associated with third party vendors and service providers. Evaluate vendor controls and adherence to contractual obligations Continuous Improvement: Identify opportunities for enhancing risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's risk and control environment Project Work: Contribute to project activities as required to ensure GRC requirements are understood and addressed Areas of Accountability, Responsibility and Competence Level Works with the Global Risk & Compliance Senior Manager to support IS in the delivery of governance, compliance, and risk activities, whilst supporting the Integration projects Supports the execution of the security, audit, and compliance activities Supports the Global Risk & Compliance Senior Manager by ensuring the successful delivery of initiatives and projects within the Risk and Compliance environment Supports the Risk & Compliance Senior Manager, and Risk & Resilience Lead in any required activities which support improvements in assurance, compliance, and audit activities Addresses findings from identified risks or audits Ensures the ISMS contains an accurate record of risks, events, and issues Supports the internal and external audit investigations Ensures that the audit tests, self certifications, and audit reviews are relevant, consistent, and conducted in accordance with professionally accepted auditing standards Works with minimal supervision, using clearly defined processes and procedures Facilitates the use of performance metrics to improve output May be required to provide out of hours support via an on call rota Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and non technical audiences Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes CISA, CISM or equivalent preferred BSc or equivalent qualification in IT based degree preferred 3+ years relevant IT work experience Proven ability to communicate with technical teams to elicit information and requirements Understanding of regulatory requirements, including cross industry regulations (e.g., GDPR, Data Protection Act) and industry specific regulations Skilled in implementing compliance and control frameworks Proficient in IT governance and quality standards Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework Excellent stakeholder management skills High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity Knowledge of OneTrust risk management toolset or similar preferred At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package: Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well being, and insurance schemes. At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role The Risk, Compliance & Resilience Advisor shall help to manage compliance and assurance for supporting the Senior Manager - Risk & Compliance and Risk & Resilience Lead by ensuring that: Risk Assessment: Assist in identifying, assessing, and prioritising risks across the organisation. Conduct risk assessments to evaluate the likelihood and potential impact of risks on business operations and objectives Compliance Monitoring: Monitor regulatory developments and changes in laws, regulations, and industry standards. Assess the organisation's compliance with applicable regulations, standards, and internal policies Resilience Planning: Support the Global Risk & Resilience Lead in the Development and maintenance of IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions Incident Response and Management: Provide support in DR related incident response activities, including investigating IT security incidents, breaches, and disruptions Issue Identification: Identify and document risk deficiencies, compliance gaps, and areas for improvement. Collaborate with stakeholders to develop actionable recommendations and corrective action plans to address identified issues Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. Prepare regular reports for management and stakeholders on the status of risk, compliance, and control activities Policy and Procedure Development: Assist in the development and maintenance of risk management, compliance, and control related policies, procedures, and guidelines. Ensure alignment with regulatory requirements and industry best practices in alignment with the Global IS Governance Lead Vendor Risk Management Support: Assist in assessing and managing risks associated with third party vendors and service providers. Evaluate vendor controls and adherence to contractual obligations Continuous Improvement: Identify opportunities for enhancing risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's risk and control environment Project Work: Contribute to project activities as required to ensure GRC requirements are understood and addressed Areas of Accountability, Responsibility and Competence Level Works with the Global Risk & Compliance Senior Manager to support IS in the delivery of governance, compliance, and risk activities, whilst supporting the Integration projects Supports the execution of the security, audit, and compliance activities Supports the Global Risk & Compliance Senior Manager by ensuring the successful delivery of initiatives and projects within the Risk and Compliance environment Supports the Risk & Compliance Senior Manager, and Risk & Resilience Lead in any required activities which support improvements in assurance, compliance, and audit activities Addresses findings from identified risks or audits Ensures the ISMS contains an accurate record of risks, events, and issues Supports the internal and external audit investigations Ensures that the audit tests, self certifications, and audit reviews are relevant, consistent, and conducted in accordance with professionally accepted auditing standards Works with minimal supervision, using clearly defined processes and procedures Facilitates the use of performance metrics to improve output May be required to provide out of hours support via an on call rota Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and non technical audiences Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes CISA, CISM or equivalent preferred BSc or equivalent qualification in IT based degree preferred 3+ years relevant IT work experience Proven ability to communicate with technical teams to elicit information and requirements Understanding of regulatory requirements, including cross industry regulations (e.g., GDPR, Data Protection Act) and industry specific regulations Skilled in implementing compliance and control frameworks Proficient in IT governance and quality standards Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework Excellent stakeholder management skills High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity Knowledge of OneTrust risk management toolset or similar preferred At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package: Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well being, and insurance schemes. At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
Apr 08, 2026
Full time
Sword is a leading provider of business technology solutions within the Energy, Public and Finance Sectors, driving transformational change within our clients. We use proven technology, specialist teams and domain expertise to build solid technical foundations across platforms, data, and business applications. We have a passion for using technology to solve business problems, working in partnership with our clients to help in achieving their goals. About the role The Risk, Compliance & Resilience Advisor shall help to manage compliance and assurance for supporting the Senior Manager - Risk & Compliance and Risk & Resilience Lead by ensuring that: Risk Assessment: Assist in identifying, assessing, and prioritising risks across the organisation. Conduct risk assessments to evaluate the likelihood and potential impact of risks on business operations and objectives Compliance Monitoring: Monitor regulatory developments and changes in laws, regulations, and industry standards. Assess the organisation's compliance with applicable regulations, standards, and internal policies Resilience Planning: Support the Global Risk & Resilience Lead in the Development and maintenance of IT resilience and business continuity plans to ensure the organisation's ability to respond to and recover from IT disruptions Incident Response and Management: Provide support in DR related incident response activities, including investigating IT security incidents, breaches, and disruptions Issue Identification: Identify and document risk deficiencies, compliance gaps, and areas for improvement. Collaborate with stakeholders to develop actionable recommendations and corrective action plans to address identified issues Documentation and Reporting: Maintain accurate documentation of risk assessments, compliance reviews, control testing activities, and remediation efforts. Prepare regular reports for management and stakeholders on the status of risk, compliance, and control activities Policy and Procedure Development: Assist in the development and maintenance of risk management, compliance, and control related policies, procedures, and guidelines. Ensure alignment with regulatory requirements and industry best practices in alignment with the Global IS Governance Lead Vendor Risk Management Support: Assist in assessing and managing risks associated with third party vendors and service providers. Evaluate vendor controls and adherence to contractual obligations Continuous Improvement: Identify opportunities for enhancing risk management, compliance, and control processes. Recommend and implement improvements to strengthen the organisation's risk and control environment Project Work: Contribute to project activities as required to ensure GRC requirements are understood and addressed Areas of Accountability, Responsibility and Competence Level Works with the Global Risk & Compliance Senior Manager to support IS in the delivery of governance, compliance, and risk activities, whilst supporting the Integration projects Supports the execution of the security, audit, and compliance activities Supports the Global Risk & Compliance Senior Manager by ensuring the successful delivery of initiatives and projects within the Risk and Compliance environment Supports the Risk & Compliance Senior Manager, and Risk & Resilience Lead in any required activities which support improvements in assurance, compliance, and audit activities Addresses findings from identified risks or audits Ensures the ISMS contains an accurate record of risks, events, and issues Supports the internal and external audit investigations Ensures that the audit tests, self certifications, and audit reviews are relevant, consistent, and conducted in accordance with professionally accepted auditing standards Works with minimal supervision, using clearly defined processes and procedures Facilitates the use of performance metrics to improve output May be required to provide out of hours support via an on call rota Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate compliance and risk related concepts to technical and non technical audiences Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes CISA, CISM or equivalent preferred BSc or equivalent qualification in IT based degree preferred 3+ years relevant IT work experience Proven ability to communicate with technical teams to elicit information and requirements Understanding of regulatory requirements, including cross industry regulations (e.g., GDPR, Data Protection Act) and industry specific regulations Skilled in implementing compliance and control frameworks Proficient in IT governance and quality standards Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including and Cybersecurity Framework Excellent stakeholder management skills High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity Knowledge of OneTrust risk management toolset or similar preferred At Sword, our core values and culture are based on caring about our people, investing in training and career development, and building inclusive teams where we are all encouraged to contribute to achieve success. We offer comprehensive benefits designed to support your professional development and enhance your overall quality of life. In addition to a Competitive Salary, here's what you can expect as part of our benefits package: Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth. Flexible working: Flexible work arrangements to support your work life balance. We can't promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can. A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well being, and insurance schemes. At Sword we are dedicated to fostering a diverse and inclusive workplace and are proud to be an equal opportunities employer, ensuring that all applicants receive fair and equal consideration for employment, regardless of whether they meet every requirement. If you don't tick all the boxes but feel you have some of the relevant skills and experience we're looking for, please do consider applying and highlight your transferable skills and experience. We embrace diversity in all its forms, valuing individuals regardless of age, disability, gender identity or reassignment, marital or civil partner status, pregnancy or maternity status, race, colour, nationality, ethnic or national origin, religion or belief, sex, or sexual orientation. Your perspective and potential are important to us.
