ETIC, Technology Risk and Resilience Senior Associate

About the Role

Our Technology Risk and Resilience team helps firms navigate a fast-moving regulatory landscape while managing robust future-proof technology estates. From shaping digital resilience frameworks under the Digital Operational Resilience Act (DORA) to helping firms enhance their technology risk maturity we combine deep sector insight with leading technology to solve problems alongside our clients.

WhatYoullBe Doing

• Supporting the engagement manager and broader team in delivering technology risk and resilience advisory engagements.

• Performing control walkthroughs sample testing and evidence review across technology risk and resilience domains.

• Drafting gap analysis and maturity assessment artefacts aligned to frameworks such as COBIT ITIL NIST CSF ISO 27001/22301.

• Assistingwith regulatory readiness and assurance projects including resilience assessments under DORA and other EU/UK regulations.

• Preparing working papers andcontributing toreports forclients regulators and internal stakeholders.

• Supporting risk advisory and assurance engagements ensuring resilienceobjectivesare embedded in technology change and operations.

• Using platforms like ServiceNow for resilience-related analysis and reporting.

• Engaging with the firms digital agendaleveragingAI tools to enhance risk monitoring and resilience testing.

• Contributing tocloud and DevOps risk assessments ensuring secure compliant and recoverable environments.

• Assistingwith business development activities such as preparing responses to tenders and creating proposal documents.

• Building trusted relationships with client SMEs and control owners.

• Coaching junior team members and supporting their development.

• Taking ownership of your personal development to ensure you are equipped with skills relevant to the proposition now and in the future.

WhatWereLooking For

• Experience in technology risk IT audit digital resilience or related consulting.

• Working knowledge of UK/EU Technology and Resilience Regulations (including DORA) and frameworks such as COBIT ITIL NIST CSF ISO 27001/22301.

• Practical experience in control testing or assurance fieldwork (evidence sampling walkthroughs KRI analysis).

• Strong communicationskills - able to translate technical findings into clear concise messages for business stakeholders.

• Familiarity with ServiceNow for resilience-related analysis and automation.

• Understanding oftechnology risk models and resilience frameworks.

• Demonstrable experience of using AI in current role for risk and resilience use cases.

• Progress toward professional certifications such as CRISC CISA CISSP CBCI ISO 22301 Lead Auditor or Prince2/AgilePM.

• Exposure to regulatory remediationprogrammes(e.g. s166 Skilled-Person reviews) preferred.