Banner Default Image

Business Analyst - Digital Operational Resilience

  • Location


  • Sector:

  • Job type:


  • Salary/Rate:

    £500 per day

  • Contact:

    Sarah Doan-Gill

  • Contact email:


  • Job ref:


  • Consultant:

    Sarah Doan-Gill

Business Analyst – IT Risk Management – London (Contract)

12 Month rolling contract
3 days per week on site
£500 per day (umbrella)


I’m assisting a leading global asset management firm with a strong presence in the UK, seeking a Business Analyst to join on a new Digital Operational Resilience Act (DORA) project.

The successful business analyst will join this program to ensure my client’s IT infrastructure comply with DORA. The role focuses on the IT risk management workstream in which the business analyst will be responsible for analysing, testing and documenting evidence relating to their internal governance and control framework and IT risk management.


• Identify and communicate with key stakeholders in risk, compliance, and IT functions.
• Gather, review, and analyse data and key metrics relating to ICT risk and compliance, policies, standards, and procedures.
• Design tests suitable for assessing compliance with DORA requirements.
• Conduct tests and produce high quality evidence of test results with supporting evidence.
• Document business processes and related walk-through commentaries.
• Design target end states to implement remediation as required, including production of use cases, revised or new business processes, business requirements documentation, etc.

Must Have Qualifications

• Experience of working with internal controls and best practices relating to information technology risk management.
• Experience of designing and operating test cases for policy and standards compliance.
• Experience of documenting and designing business processes using a defined Business Process Management framework.
• Previous experience of working with internal control frameworks is essential.
• Previous experience of working as a business analyst on programs involving regulatory compliance (e.g., Sarbanes-Oxley, UK Corporate Governance Code, etc.), or in the capacity of an audit of IT General Controls, would be beneficial.
• Working knowledge of frameworks such as COSO and/or COBIT is a plus.
• Ability to use Microsoft 365 products to produce extremely high-quality deliverables is a must.