Enterprise Technology Senior Controls Analyst

Job DescriptionAs our Enterprise Technology Controls Senior Analyst you will sit within the Enterprise Technology Controls Team and its primary focus is to support the Enterprise Technology Controls Manager to maintain and enhance Informa's IT controls to ensure they remain effective.You are required to have a good understanding of Informa as a business, and knowledge of the Shared Service Organisation Process Control environment would be advantageous to further understand the business risks that are presented, and how these are underpinned by the General IT Controls (GITCs).You will be responsible for the management of the Risk and Control Matrices and will operate within the 2nd Line of Defence to ensure that all IT related Group policies and procedures are adhered to for the applications within the remit of the Enterprise Technology Controls Team, and that controls are designed appropriately to reduce or fully mitigate any identified risks.The IT control's function expanded, and the current Enterprise Technology Controls team was established in 2020 to provide Informa management with the continued assurance over the effectiveness of the company's General IT Controls.
The team originally only provided assurance over the 2 financial ERPs SAP, and Oracle, but since its creation it has continued to evolve and is now taking responsibility for other peripheral applications, along with coordinating the IT audit with our External Audit Partners.The team sits as part of the Technology Solutions and Services (TSS) Group under the Enterprise Technology team, reporting into the Chief Enterprise Technology Officer (CETO) but with dotted responsibilities to the Chief Information Security Officer (CISO) and the Chief Technology Operating Officer (CTOO).You will initially report to the Director of Enterprise Technology Controls and will work closely with our internal IT teams as well as our 3rd party support providers Mindtree and IBM; liaising frequently with Internal and External Audit, GBS and divisional control teams, and InfoSec with the aim of ensuring that enterprise applications maintain a controlled environment that does not encumber the efficiency of operational activity.Key Outputs and Outcomes Assist with the implementation of the Controls Management System (CMS) AuditBoard for new Risk and Control Matrix (RaCM) deployments, ensuring clear and consistent documentation standards and capturing accountabilities / responsibilities for each material controlLead implementations of the various IT Risk and Control Matrices (RaCM), ensuring that any control changes are documented, and that full training is provided to the control owners and performersDrive and monitor the remediation of gaps and control deficiencies, ensuring they are captured in line with the issue management processes and standardsMaintain AuditBoard to ensure risks and controls are updated and there is ongoing compliance across the business with the requirements of the Controls FrameworkDrive the creation and maintenance of the controls documentation to ensure they remain current, for example to consider changes arising from technology and process changesDevelop and document the testing procedure for each key control, as well as the wider population of non-key controls, assist with the execution of assurance and testing activities on an ongoing basis, liaising with the related testing resources (such as Control Owners and Performers) to refine the testing plan where appropriate, monitor testing outcomes, and resolve control issuesActively seek opportunities for control improvements such as the use of automation and new technologies that would benefit Informa.Assist with the preparation of adhoc reporting to key stakeholders (including Executive Committee, Audit & Risk Committee and Finance & IT Leadership Teams)Coach the Enterprise Technology Controls Analysts to support with the various RaCM implementations and maintenanceWork with control owners to embed processes and procedures to implement and operationalise controls to ensure they are understood and are operating effectively.Liaise with External Audit partners to support with their review of the IT Controls as part of the Group PCAOB auditSeek opportunities for personal development to ensure that IT controls knowledge is continuously being enhanced and kept up to date.Measures of Success Successful and efficient management of Risk and Control Matrix implementationsReductions in the elapsed time taken to remediate controls deficiencies.Successful performance of controls testing and subsequent reporting.Continue to see positive results in the external audit, with a reduction in the recommendations being made.QualificationsStrong knowledge of IT controls and security principles essentialPrevious experience of implementing and maintaining IT controls in multi-application environmentAbility to identify, document and understand IT processes, risks and controlsGood understanding and knowledge of business process controls within the Shared Service organisation an advantageAssessing control design and operating effectiveness; identifying appropriate remediation for control deficiencies and supporting the business to complete themRisk aware, knows how to manage identified risks and when to escalate identified risks and issues to other members of the Team or Informa ManagementA drive to deepen controls knowledge, including the application of new technologies to support control performance and testingA motivated self-starter who can work autonomously as well as being a team player.Proven ability to prioritise, meet deadlines and follow through to completion on projects, requests and tasksPractical IT knowledge with skills in Office365 applicationsExperience of being subject to audit highly desirable with specific exposure to PCAOB and SOX audits an advantageAbility to provide an excellent level of service to all Informa customers and colleagues.
Ability to coach, mentor and help develop more junior members of the team.Additional InformationWe work hard to make sure Life at Informa is rewarding, supportive and enjoyable for everyone.
Here's some of what you can expect when you join us.
But don't just take our word for it – see what our colleagues have to say at Our benefits include;Freedom & flexibility: colleagues rate us highly for the flexibility and trust they receive and most of us balance time in the office with time working remotely Great community: a welcoming culture with in-person and online social events, our fantastic Walk the World charity day and active diversity and inclusion networks •Broader impact: take up to four days per year to volunteer, with charity match funding available too.Career opportunity: the opportunity to develop your career with bespoke training and learning, mentoring platforms and on-demand access to thousands of courses on LinkedIn Learning.
When it's time for the next step, we encourage and support internal job moves.Time out: 25 days annual leave, rising to 27 days after two years, plus a birthday leave day and the chance to work from (almost!)
anywhere for up to four weeks a yearA flexible range of personal benefits to choose from, plus company funded private medical coverA ShareMatch scheme that allows you to become an Informa shareholder with free matching sharesStrong wellbeing support through EAP assistance, mental health first aiders, a healthy living subsidy, access to health apps and moreRecognition for great work, with global awards and kudos programmes As an international company, the chance to collaborate with teams around the worldWe're not solely focused on a checklist of skills.
We champion energy and ambition and look for colleagues who will roll their sleeves up, join in and help make things happen.
If it sounds like a match and you have most – although not all – of the skills and experience listed, we welcome your application.
At Informa, you'll find inclusive experiences and environments where all perspectives and backgrounds are welcomed.
As part of this approach and our diversity and inclusion commitments, we are also formally an Equal Opportunities Employer.
This means we base decisions on relevant qualifications and merit and do not discriminate on the basis of key characteristics and statuses, including all of those protected by law.
Ask us or see our website for full information.