Head of Cloud Assurance

Scotland, Edinburgh
£80,000 - £110,000 per annum
03 Sep 2018
17 Sep 2018
Barry Smith
Department Head
Accounting, Analyst, Finance, Strategy
Contract Type

The Cloud Assurance Team Lead is responsible for ensuring strong risk management processes and controls throughout the Cloud risk management framework. This role would involve leading this team.

Client Details

Global FS client looking to hire a Head of Cloud Assurance to join and lead on the provision of Cloud services within the banks cloud framework. Operating at a senior level as a key contributor to both strategic and operational decision making by providing insight, challenge and support.

You will lead the Cloud Assurance Team, consisting of a highly skilled team of Cloud technology risk professionals who engage at all levels across the IT teams to identify, assess and manage technology risks surrounding Cloud operating models.

Additionally, you will define and shape the approach to effective risk ownership and action within the business to drive risk reduction and remain within risk appetite, and support the definition of the Risk and Control management strategy and practices that will strengthen IT performance.


  • Support the development and management of the risk profile for various Cloud archetypes, including: IaaS (Infrastructure as a Service), PaaS (Platform as a Service), SaaS (Software as a Service)
  • Develop, implement and own the Cloud risk management framework which complies with the Group's policies and risk appetite
  • Risk assess and provide assurance on Cloud operating models and associated delivery initiatives, ensuring they are within Group's risk appetite
  • Provide expert knowledge and guidance on internal and external management of Cloud risks and controls
  • Understand the business context of the area, strategies and support the formulation of a forward view of security risk based on expert understanding of frameworks such as NIST/COBIT
  • Perform and embed risk discovery activity. Have a view of the risk portfolio to enable risk calibration and identify risk aggregation points
  • Validate the portfolio of risk in an accurate and full representation of the known risk landscape. Primary challenge point for risk assessments
  • Play a key role in the Group's Risk Profile Management and the material risks that contribute to the Group's risk profile
  • Identify areas of risk and work with the business to develop appropriate controls to address these weaknesses. Provide holistic insights into the Group Policy Framework
  • Build strong relationships within Senior Management across the Group to obtain / exchange information, identify best practices and where appropriate, to respond to changes in the internal and external environment
  • Drive and develop a culture of continuous improvement in all areas to identify solutions which deliver risk remediation and mitigation within risk appetite
  • Educate the Business Unit leadership team and facilitate the identification and proactive management of their risks and controls


  • Proven experience of IT risk management and understanding the external environment and threat landscape
  • Significant experience of risk management for delivery and management of the IaaS, SaaS and PaaS Cloud archetypes
  • Extensive knowledge and experience of working on Private and Public Cloud operating models
  • Experience of delivering/owning IT Security/Cyber risk frameworks

Job Offer

Structured career path to complement an attractive salary package including bonus, pension, healthcare and more.

Similar jobs

Similar jobs