IT Controls Lead Glasgow Salary: £54-68K (up to 15% bonus and single healthcare cover) Flexible Working Pattern, Hybrid (2-3 days in the office) Help us create a better future, quicker We're looking for an IT Controls Lead to help us manage technology risks and ensure we meet all regulatory requirements. Your role will involve s upporting the creation and implementation of controls, ensuring controls are operating as expected, c oordinating internal audits, and keeping everyone updated on our compliance status. What you’ll be doing In this role, your responsibilities will include supporting the UK IT Certification process for financial reporting controls, reporting on technology risks, and ensuring compliance with regulations. You will be tasked with managing the IT Risk Register, making sure risks are well-defined and actions are taken. Coordinating internal audits and maintaining compliance status reports will be part of your responsibilities. You will also be responsible for performing gap analysis to assess our compliance position, overseeing and managing outsourced controls assurance work, and preparing and executing an annual IT controls assurance testing plan. Additionally, you will be defining and delivering IT General Controls improvement plans. This role reports to the Head of IT Risk & Compliance and involves significant communication and collaboration with other Group functions and Group Cybersecurity. Your role will involve working with the UK Digital Transformation Director and Head of IT Risk & Compliance to provide advice and recommendations on risk and controls testing. You will be guiding UK IT teams on IT General Controls and risk management, updating the Head of Internal Audit on IT audit findings, and reporting on the current IT Risk position to UK Businesses. As well as this, you will be providing input into IT investment plans to ensure funding for risk and controls improvement. Organising your workload and setting objectives over a 12-month planning horizon will be necessary. You will also be recommending risk and IT controls requirements for UK IT projects. What you’ll bring We're seeking someone with experience in IT Risk Management Frameworks, preferably in a similar-sized organization. You should have knowledge of IT General Controls (ITGC) and relevant regulations such as GDPR and the NIS Directive. Familiarity with industry standards like ISO27001, NIST, ITIL, and SANS CSC20 is important. Strong problem-solving and project management skills are essential, as well as excellent communication skills to explain technical issues to non-technical managers. What’s in it for you As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%. At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that - so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include: 36 days annual leave Holiday purchase – perfect your work/life balance with extra annual leave Share Incentive Plan and Sharesave Scheme Payroll giving and charity matched funding Technology Vouchers – save more and spread the cost of your technology purposes Count us in – pledge to reduce carbon emissions and help fight climate change Electric Vehicle Schemes – to help you transition to green/clean driving Cycle to Work scheme and public transport season ticket loans Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments Life Assurance (4x salary) Access to ‘nudge’ financial wellbeing support Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more Why ScottishPower ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in. ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. Mobility Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements. I MPORTANT Advert will close at 23:59 GMT the day before Job Posting End Date below March-12-2025