IT Audit Manager
IT Audit Manager
In this role as an IT Audit Manager you will support the delivery of individual IT audits through the audit process from planning and scoping through to report issue and file closure, including application, infrastructure and project audits. You will develop and execute appropriate IT assurance work programs.
You will discuss audit findings with IT management and ensure that appropriate responses are obtained for each finding raised. You will prepare and agree clear and concise reports to stakeholders, which provide an independent review of their activities, together with commercially relevant recommendations to improve their internal control system and address weaknesses and process inefficiencies identified.
Furthermore you will execute project reviews covering project management, change control, resource allocation and assessing governance of the projects to ensure the successful outcomes against approved objectives. This covers all areas of a project from inception, design and reporting through to benefits tracking and post evaluation.
You will perform regular activity to follow up the effective implementation of corrective actions, involving close liaison with business management and other Group Audit team members, evaluating new evidence, and where appropriate, performing on-site audit validation.
You will actively contribute to the development of a culture of risk and control awareness throughout the organisation. Building and sustaining good working relationships with managers and other members of the Group Audit team, IT and non-IT staff within the Group is crucial.
We will also look for you to participate in Group Audit initiatives and projects and ad-hoc tasks such as one-off special investigations covering fraud, IT weaknesses, or PCI DSS non-compliance.
- University degree (or equivalent) with at least six years practical experience of auditing IT processes, applications, infrastructure, IT security and projects, able to understand processes and controls and identify potential risks to the business
- Recognised IT Audit certification (e.g. CISA, QICA, CRISC)
- Excellent knowledge of IT risk, security and control and a clear understanding of the relationship between IT systems and business risk
- Excellent communication, relationship building and inter-personal skills
- Experience with both large corporate IT environments and small/medium sized businesses
- High attention to detail and rigorous logical thinking ability with the ability to leverage skills in new situations
- An ability to focus on the completion of key tasks, including obtaining suitable evidence and resolving problems, writing up of work performed and drafting of reports, is essential
- Must be fluent in English (written and spoken). The ability to speak another language would be a distinct advantage
- Sound judgment, a commercial focus, and the ability to communicate recommendations effectively
- An inquisitive, credible and self -confident personality with a high level of personal integrity and an independent mindset
- A good team player who is also comfortable working alone on projects on away assignments
- Willingness and ability to progress and develop into a position with more autonomy in due course
Given the areas of responsibility, this role will involve travel both within the UK and overseas (typically around 50% over a year depending on the Audit Plan), requiring the post holder to spend time away from home, including week-ends from time to time.