Are you seeking a rewarding career in fast-paced, ever-changing, global technology business but with the flexibility to operate remotely and have genuine work-life balance? Well you can have the best of both worlds!
Technology is central to this major consumer business and hence the Technology Audit function has impressive scale and diversity. The Technology Audit division comprises of three key teams: IT, Networks and Data Security but operates as a “one team” community with a strong team spirit and a flat structure where lead responsibility is rotated. Audit is well known across the business for delivering high quality, reliable advice to internal stakeholders and colleagues across the business and has a track-record of promotions within the division and of progression to other opportunities outside of audit.
As part of the Information/Data Security team and reporting to the Head of Technology Audit, you will be conducting Information/Data Security audits right across this diverse business. The nature of the audits can be technically challenging due to the scale, complexity and wide variety of technology deployed and you will be carrying out reviews in often unfamiliar IT environments. This requires a blend of advanced and diverse technical skills and the ability to implement a wide range of audit techniques and methodologies (as well as apply first rate interpersonal and communication skills).
Key responsibilities will include:
- Planning, performing and reporting of a wide variety of in depth Information/Data Security, Privacy and PCI DSS audit assignments, on a risk assessed basis using appropriate, flexible, and cost effective methodologies that are in line with professional and divisional standards acting either as lead auditor or in support of others;
- Tracking audit recommendations to ensure implementation is achieved against targets and that the remediation is effective;
- Undertaking SOx404 compliance testing assignments in accordance with Divisional SOx timescales and documentation standards;
- Keeping up-to-date with external developments and business insight of specified business operations, strategic imperatives and business risks
- Identify, anticipate and recommend the need for changes to the annual audit plan in response to changing risk profiles and business needs;
- Identification and development of leading edge audit methodologies and best practice
The Information/Data Security Audit function is led from London but many of the team are based in key regional locations and/or work from home when not required to audit on site. Your maximum travel commitment would be 2-3 days per week and would be predominantly within the UK - but typically most of team travel much less than this.
As the ideal candidate, you:
- MUST be a qualified IT/Data Security auditor (CISA/QICA/CISSP/CISM) ideally with a relevant degree
- Have detailed core audit experience in data governance, information security, data privacy and PCI DSS within a large and complex business environment
- Demonstrate a strong understanding of risk and control management frameworks and have effective project management skills
- Show proven ability to provide business insight of specified IT operations, strategic imperatives and business risks
- Have the flexibility to travel UK wide for up to 2-3 days per week (maximum)
- Of course have a strong commitment to teamwork, excellent verbal and written communication skills, and the ability to present at senior management level
On offer is a salary of c£55,000-£60,000 plus c10% bonus (with a strong track record of pay out) benefits and the flexibility to work from home/remotely when not auditing on site. You must be eligible to work within the UK without the need for sponsorship to be considered for this opportunity.