Technology GCR Lead

at  Penneys

TECHNOLOGY GRC LEAD

Our Technology teams are right at the heart of what we do. Surrounded by some of the best Technology specialists in the industry, you’ll bring your own ideas to the business - helping to shape the experience of our customers as part of a forward-thinking team.
The Technology GRC Lead will report directly to the Head of Technology Risk & Compliance and oversee a small group of internal analysts and partner teams. The role will support the Security & Risk function in delivering its many requirements and obligations ensuring a pro-active approach to supporting Primark Tech in several risk and audit activities including the effective delivery of a yearly IT general controls testing plan.
The Tech GRC Lead will be responsible for resource planning and developing the skills and capabilities required for their team to deliver all required GRC activities as well as delivering their own portfolio of activities.

WHAT YOU’LL DO:

In your role, you’ll collaborate with different people across a range of skillsets. Here’s a flavour of your day-to-day:

• Oversees and manages a portfolio of activities that are the responsibility of the internal analyst team and our 3rd party partners.
• Support the GRC Managers in developing processes and procedures that support the committed deliverables of the team.
• Support the continuous communication between assurance providers, such as External Audit (EA) and Internal Audit (IA), to ensure a holistic view of IT control activities and supports the coordination of the auditing process.
• Supports the planning, coordination and testing of IT General Controls required to support management’s controls attestations.
• Contributes effectively to the continuous development of the IT General Controls framework.
• Coordinate daily risk management processes including triage of risks raised by the technology function.
• Support the discovery and baseline of IT dependencies in collaboration with the Internal Controls Team.
• Coordinates meetings with risk and control owners to review and drive the closure of open audit points and track the remediation of controls issues.Work closely with control owners to improve testing effectiveness.
• Review, evaluate and document internal controls and design effectiveness testing and assessment.

Here at Primark, we want everyone to feel valued – so please bring your authentic self to work, of course with some other key experience and abilities for this role in particular:

• Proven practical experience and knowledge of IT control frameworks and best practice methodologies.
• Professional experience working in a highly regulated environment.
• Good understanding of assurance principles and methodologies.
• Basic understanding of the retail industry
• Basic knowledge of IT governance frameworks, industry standards, and regulatory requirements.
• Experience in developing and testing of controls.
• Experience with COBIT, ISO 27001, NIST, GDPR requirements advantageous.
• Ability to translate complex regulatory language into clear and actionable IT requirements