Senior Control Advisor / GRC Advisor

2681 - Senior Control Advisor / GRC Advisor - Aberdeen or London

We're looking for a proactive and detail-oriented Senior Control Advisor to support the Governance, Risk & Compliance (GRC) function. In this role, you'll help ensure regulatory compliance and effective risk management by monitoring controls, conducting audits, and collaborating with business units to strengthen the IT governance framework. You'll play a key part in identifying and mitigating risks, promoting a culture of accountability, and driving continuous improvement across the control environment.

Role Purpose

• Monitor regulatory changes and assess compliance with laws, standards, and internal policies
• Plan and conduct IT compliance audits, ensuring alignment with UK Corporate Reform mandates
• Collaborate with business units to identify key IT applications subject to regulatory oversight
• Support risk management by evaluating control effectiveness and mitigation strategies
• Identify and document control gaps, recommending corrective actions and improvements
• Maintain accurate records of control testing and remediation, and report findings to stakeholders
• Implement and enforce control frameworks, conduct risk assessments, and advise on IT General Controls (ITGCs) best practices
• Deliver training and promote awareness of compliance and control procedures across the organisation
• Drive continuous improvement in risk, compliance, and control processes

What you'll do

• Work with the GRC Senior Manager to support IS in the delivery of GRC activities
• Collaborate with IS teams to create and complete Risk & Control Matrices for applications
• Ensure alignment with regulatory requirements and industry standards
• Identify existing IT General Controls (ITGCs) within systems
• Propose enhancements to controls based on specific application requirements
• Address deficiencies or gaps in control design
• Evaluate the effectiveness of controls during the design phase
• Conduct operating effectiveness assessments to verify control implementation
• Document findings and recommend improvements
• Work closely with control owners (process owners, IT teams, etc.)
• Facilitate discussions on control improvements and remediation plans
• Ensure timely resolution of control deficiencies
• Regularly report progress and updates related to ITGCs
• Present findings to management, audit committees, and other stakeholders
• Stay informed about emerging risks and industry best practices
• Participate in process improvement initiatives related to ITGCs
• Contribute to the development of control frameworks
• Support the GRC Senior Manager in any required activities which support improvements in assurance, compliance, and audit activities
• Monitor key controls, e.g., IT General Controls (ITGCs) which support financial reporting
• Addresses findings from identified control failures
• Works with minimal supervision, using clearly defined processes and procedure
• Facilitates the use of performance metrics to improve output
• Oversees the performance of the offshore Control Operating Effectiveness team

What to bring

• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate GRC related concepts to technical and nontechnical audiences.
• Substantial relevant experience in control management for governance, compliance, IT audits, IS assurance and risk management programmes.
• CISA, CISM, ISO27001 or equivalent preferred
• Relevant IT work experience
• Understanding of regulatory requirements, including cross-industry regulations (e.g., GDPR, Data Protection Act, UK Corporate Reform) and industry-specific regulations
• Highly skilled in designing and implementing compliance and control frameworks.
• Proficient in IT governance and quality standards
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
• Excellent stakeholder management skills
• High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
• Experience in configuring GRC tools to support Risk & Control compliance preferred

What You'll Get in Return:

For employees, we're committed to recognising and rewarding hard work. Our competitive salary and benefits package includes; Company Pension Scheme, Private Medical & Dental Insurance, Group Income Protection, Group Life Assurance, Cycle to Work and Electric Car Salary Sacrifice Scheme. We also invest in your development. If you choose to self-study in your own time, we'll fund your study materials and exam fees - and once you pass, you'll receive an incentive bonus.

How to Apply

We're committed to creating an inclusive and accessible recruitment process. If you have any access needs or require adjustments at any stage of the application or assessment process, please let us know - we're happy to support you.

Please note: All offers of employment will be subject to background checks and confirmation of the right to work in the UK.

Location: Aberdeen or London (Hybrid working available)

Apply now to be part of a team that values initiative, collaboration, and continuous improvement;

About us

prosource.it is a professional services provider in technology. Established as a traditional provider of managed IT services, prosource.it has evolved with industry and the rapid pace of change within the technology sector. We recognise the importance of people and business process in the successful adoption of technology and change. Our readiness to embrace and apply change comes from our people and we offer a variety of business services across the lifespan of successful technological deployment and adoption. We are a people centred business with a global workforce of 500 plus staff and contractors.

Our values are central to what we do and how we do it. We feel they are simple and easy to relate to and we are always looking to welcome new people to the team who share our vision and values. We pride ourselves on being easy to deal with, agile and accepting of change across a wide range of challenging and rewarding roles. We are a team of 'can do' and 'how can I help' individuals committed to teamwork, partnership, service excellence and delivery.