We at Mimecast take the pain out of handling our clients’ most important data: the information that passes through their email systems.  Our solution is to cut through the complexity of corporate email.  We built a platform from scratch that uses cloud computing to deliver email management.  Everything we’ve done since, has been designed to take the pain out of information management and make the next generation of technology work better for our customers. 

About the position

The Operational Risk Analyst is responsible for supporting governance projects and assisting the Assurance, Risk and Control (ARC) team in oversight and improvement of the Mimecast internal control system. The nature of this position requires inside contact with company employees, at all levels, and occasional contact with outside client representatives, vendors, auditors and other business-related representatives.

1. Supporting ARC managers in delivering on the annual audit plan, control design and implementation
2. Assist in the various stages of an internal and external audit engagement, including fieldwork, and follow-up activities.
3. Cataloguing of evidentiary artefacts.
4. Support audit testing of the internal control environment
5. Assist in the performance of special reviews at the request of management.
6. Engages in continuous professional development, including the retention of any professional certifications, attending industry learning events regarding industry advances or regulatory developments

Essential Skills and Experience:

1. At least 1-2 years’ frontline experience gained in one or more of the following business areas; governance, risk management, internal audit, information technology, information security, software project delivery or similar function
2. Detail oriented verbal and written communication skills
3. Demonstrable experience supporting governance event coordination, including delegate logistics and liaising with internal and external stakeholders

Desirable:

1. Is qualified in enterprise, project or information security risk management such as recognised certifications from a leading risk or audit professional body such as the Institute of Risk Management, ISACA, AICPA, or the IIA
2. Has worked in an environment that has an external interface with customers or regulators
3. Is currently working, or has experience of working, for a Cloud Service Provider / Vendor
4. Has worked with technical stakeholders to control risk

Person Specification:

1. Capable of producing quality outcomes whilst meeting demanding deadlines, across concurrent and dynamic work streams
2. Can work under their own initiative
3. Build productive relationships across a broad range business unit disciplines

The ideal candidate for the Mimecast team will demonstrate the following attributes:

Would describe themselves as technical and interested in technical risk controls and enjoys granular and detailed work. They would be currently working in, or has extensive operational experience of a role that required strict adherence to deadlines. This person would most likely be performing a risk analyst or junior auditor role wanting to expand their exposure to all governance specialisms with the aim of building a lifelong career in risk and control