Senior IT Risk Analyst – 12 Month Day Rate Contract at GRAVITAS RECRUITMENT GROUP LIMITED, London Area, £200-£350 per day

Senior IT Risk Analyst – 12 Month Day Rate Contract

Central London

12 months (April start) | Technology Risk

Rate: £200 - £350/day Outside IR35

We are partnering with a global financial clients are undertaking a major technology and cloud transformation, moving from traditional data centres to AWS and GCP. They are looking for an IT Risk Analyst, to help genuinely shape how technology risk is managed. This is a great opportunity for a Risk Analyst, who is keen to work in a modern, engineering-led environment.

Why this role?

• Direct influence on a flagship cloud transformation
• Small, high-impact team where your work is visible and valued
• Opportunity to modernise and automate how risk and controls are run (not a clipboard/tick‑box role)
• Broad stakeholder exposure across engineering, platforms, InfoSec, Audit, and senior technology leadership
• Culture that values pace, outcomes, and pragmatism

What you’ll be doing

• Leading IT risk and control assessments across key systems, infrastructure, and major change initiatives
• Providing independent check and challenge to first‑line technology teams on risk assessments, control design, and remediation plans
• Shaping how traditional data centre controls are re‑imagined for cloud landing zones in AWS and GCP
• Applying regulatory, audit, and policy expectations (NIST, ISO 27001, COBIT, GDPR, PCI etc.) in a practical, engineer-friendly way
• Preparing clear risk documentation, recommendations, and inputs for governance forums and committees
• Anticipating likely audit and regulatory focus areas to reduce findings and support “audit‑ready” evidence
• Facilitating workshops and working sessions with engineers and stakeholders in the UK and Bangalore to identify risks, agree controls, and drive actions
• Identifying opportunities to streamline and automate risk and control activities, moving towards more continuous, data‑driven assurance

What you’ll bring

• Strong background in IT risk, technology controls, or technology audit
• Solid understanding of IT General Controls, cybersecurity concepts, and cloud environments (AWS experience strongly preferred; GCP a plus)
• Familiarity with recognised frameworks such as NIST, ISO 27001, COBIT (and ideally exposure to GDPR/data protection and PCI)
• Experience in regulated or complex technology organisations; financial services/fintech experience will give you an edge
• Ability to translate regulatory and audit language into clear, pragmatic requirements for engineers and delivery teams
• Confident communicator who can flex between detailed technical conversations and concise, senior‑level summaries
• Strong facilitation and stakeholder skills, including managing pushback and influencing without formal authority
• Self‑starter comfortable working in a lean UK team, collaborating day‑to‑day with colleagues and engineers globally

Working pattern

• 3 days per week in the office
• Outcome‑focused culture with standard core hours around 9–5

If this seems like a good fit, please apply today and one of the team will be in touch to run through the details.