IT Risk and Controls Senior Consultant

🔒 Confidential Employer
Posted 24 April 2026
LOCATION
Stratford-upon-Avon
TYPE
Full-time
LEVEL
Mid-Senior level
SALARY
£76,000 / year
CATEGORY
Information Technology
This employer holds a UK Home Office sponsor license — sponsorship for this specific role is at the employer’s discretion

SKILLS

IT Controls Risk Management Audit NIST ISO 27001 COBIT CRISC CISA

FULL DESCRIPTION

Join the [Employer hidden — view at passion-project.co.uk] IT Risk and Controls team.

Based at our Stratford-upon-Avon office with excellent facilities and surroundings.

Hybrid working with the option to work 80% of your hours from home.

IT Risk and Controls Senior Consultant

We are seeking a highly motivated and skilled professional with a proven track record in audit, IT controls and operational risk management to join our 1st line team on a permanent basis.

In this key role you will lead, support and promote a solid culture of audit readiness, risk awareness and controls management across IT.  You’ll play a key role in ensuring the IT Division are always audit ready, can evidence this, and have proven experience of managing relationships with internal and external auditors and audit processes.  Your role will be key in educating SMEs on what to expect and how to respond to audit.

You will lead controls testing and drive control excellence by supporting the design, implementation and on-going management of IT controls, addressing deficiencies, ensuring robust governance and recommending / implementing opportunities for automation

You will have in-depth knowledge and experience of operating at a senior level in risk management and drive a culture of continuous improvement, challenge and pro-active risk management.

You will stay ahead of industry best practices, emerging threats and regulatory changes, recommending improvements to strengthen our IT control and risk environment to promote a strong ownership and pro-active controls culture, you will also provide training and awareness of IT risk and controls to stakeholders. Coach and support junior team members, contributing to capability and knowledge development across the function.

This role requires an extensive background within Audit, IT Risk and Controls management, excellent leadership skills, and a passion for delivering outstanding customer service.

About you

As a Senior IT Risk and Controls Consultant, you’ll be proactive have excellent collaboration, negotiation and influencing skills acting as a trusted advisor to IT ensuring stakeholders understand the importance and value of controls and drive a proactive approach. You’ll be an excellent written and verbal communicator and be confident presenting to virtual and in-person audiences across all levels.

To be successful in this role, you’ll also have:

  • Knowledge of relevant frameworks as such as NIST, ISO 27001 and ITIL
  • Good understanding and knowledge of COBIT
  • Experience of performing IT risk and control-based reviews and audit.
  • Leadership and team building skills and working in high performing teams
  • In-depth knowledge and experience of operating at a senior level in risk management
  • Proven experience of analytical work in a governance, risk management or similar assurance function.
  • Proficiency in using risk management tools and software
  • Demonstrated track record of delivering continual service improvements within complex, multi vendor environments.
  • Experience in the automation of manual controls and establishing automated control testing
  • Professional certifications such as CRISC (Certified in Risk and Information Systems Control) or CISA (Certified Information Systems Auditor). These are preferred but not essential
Sign up free — access 45,000+ UK sponsor-licensed jobs