About the role:  

Our Financial Services Technology Risk and Resilience team helps FS firms navigate a fast-moving regulatory landscape while helping them to manage robust, future-proof technology estates. From shaping digital resilience frameworks under the Digital Operational Resilience Act (DORA) to helping firms enhance their technology risk maturity as they list, we combine deep sector insight with leading technology to solve problems alongside our clients. 

What your days will look like:

Working with the engagement manager, leader and broader engagement team, you will support the manager with and at times take responsibility for various areas of the engagement which may include: 

• Delivering fieldwork on technology risk and digital resilience engagements. 

• Performing control walkthroughs, sample testing and evidence review across technology risk and resilience domains and designing remediation plans to address any identified gaps. 

• Draft gap analysis and maturity assessment artefacts aligned to COBIT, ITIL and other frameworks. 

• Support regulatory readiness and assurance projects (including supporting startups as they go. through the authorisations process). 

• Prepare working papers and writing reports for clients, regulators and other internal and external stakeholders. 

• Build trusted relationships with client SMEs and control owners. 

• Contribute to thought-leadership blogs. 

• Supporting business development activities such as preparing responses to tenders, creating proposal documents and supporting in the creation of market facing thought leadership. 

• Ownership of your personal development to ensure you are equipped with the skills relevant to the proposition now and in the future. 

• Coaching junior members of the team, providing support, training and feedback. 

• Engaging with the firm’s digital agenda and tools to help us deliver innovative solutions. 

The role is for you if:

•  Experience in technology risk, IT audit, digital resilience or related consulting within financial services. 

• Working knowledge of UK and European Technology and Resilience Regulation, as well as frameworks such as COBIT, ITIL, NIST CSF and ISO 27001/22301. 

• Practical experience of control testing or assurance fieldwork (e.g., evidence sampling, walkthroughs, KRI analysis). 

• Strong communication skills – able to translate technical findings into clear, concise messages for business stakeholders. 

• Possession of strong team working and leadership skills, including the ability to work as a team and under your own initiative 

• ​A willingness to learn new skills and help develop and innovate new client propositions 

• Strong oral and written communication skills (e.g. running walkthroughs, report writing) 

• Demonstrable experience of using AI in current role  
• Progress toward professional certifications such as CRISC, CISA, CISSP, CBCI, ISO 22301 Lead Auditor, or Prince2/AgilePM and exposure to regulatory remediation programmes (e.g., s166 Skilled-Person reviews) preferred.

What you’ll receive from us:   

No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. 

We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more.