IT Auditor

Competitive + excellent benefits
09 Mar 2018
09 Apr 2018
Contract Type
Full Time

The Company

Arcadia Group Ltd. is a British multinational retailing company headquartered in London, United Kingdom. It owns the high street clothing retailers Burton, Dorothy Perkins, Evans, Miss Selfridge, Topman, Topshop, Wallis and the out of town chain Outfit, which sells lines from the other group chains. The group has more than 2,500 outlets in the UK, concessions in UK department stores such as Debenhams, Selfridges and House of Fraser, as well as several hundred franchises in other countries.

The Department 

The Audit and Investigations department provides an audit assurance and fraud investigation service to the Group. They support the overall control environment and focus on internal and external fraud and theft, and critical business controls.


With the authority of the CEO and the endorsement of the Audit and Risk Committee, the Audit and Investigations department are responsible for delivering an independent and objective risk-based Internal Audit service designed to evaluate and improve risk management, and control and governance processes across all key business areas.

In addition, the department provide assurance to the Audit and Risk Committee regarding the effectiveness of internal controls throughout the business. The IT Auditor will be responsible for the evaluation of risk and control processes specifically relating to Technology.

The IT Auditor is also key to providing the wider Internal Audit and Investigations team with IT expertise and as a source for the development of analytics within the department.

Key Responsibilities 

The IT Auditor will work jointly with business stakeholders to determine the IT risk universe in order to support the Senior Audit Manager in the development of the risk based audit plan which is presented quarterly to the Audit and Risk Committee along with updates of key Audit activity.

The IT Auditor will deliver a broad range of IT audit and risk engagements developing close working relationships with the operational Internal Audit team, Group Risk and third-party providers. Assignments will be performed through the application of recognised audit and control methodologies such as COBIT.

The IT Auditor will develop audit programs and complete IT audits in areas selected according to business risk. These will include the review of controls and processes in the following areas:

  • Computer operations and support
  • Business transformation/change projects and other systems under development
  • Application, database and infrastructure controls of key business systems
  • Data security (primarily compliance with regulatory requirements)
  • IT business policy compliance
  • Business continuity and incident escalation

The evaluation of each area will take into account the potential for loss through security and service control failure, regulatory compliance (for example data protection, computer misuse) and vulnerability to fraud, intrusion or other emerging threats.

The IT Auditor will work with stakeholders to identify cost effective and efficient solutions to any business exposures identified. Reports of findings and required actions for all assignments undertaken will be distributed to stakeholders and summaries presented quarterly to the Audit and Risk Committee.

A further key element of the role is championing the use of data analytics across the Internal Audit team to identify control weaknesses and to support the wider Investigations team to identify fraudulent activity.


  • Possess a high level of technical knowledge gained from 5+ years of experience in an IT Audit role (preferably in Retail).
  • Possess a relevant IT Audit qualification (CISA) or general internal audit qualification (CIA) and a tech degree.
  • Detailed knowledge of recognised IT standards (ISO27001, COBIT, ITIL, SOX), and regulatory compliance requirements (PCIDSS, GDPR).
  • Experience of security testing methodologies applicable to applications, networks and systems under development. 
  • Experience of procurement of external security testing services and consultancy.
  • Knowledge of networking and OS technologies (e.g. Windows, iSeries, Unix) and controls.
  • Knowledge of system development methodologies (Agile, Waterfall) and project management standards (PRINCE) and related control frameworks.
  • Experience of auditing large scale enterprise systems from initial stages of development to mature production environments.
  • Excellent communication (written/verbal/presentation)
  • Strong leadership skills, tenacious, has the ability to influence at all levels ensuring actions resulting from audit findings are communicated and dealt with appropriately.
  • Ability to apply commercial awareness to all business decisions.

Ready to join the Arcadia Group? Send your application via the form below today.

Apply for IT Auditor

Already uploaded your CV? Sign in to apply instantly


Upload from your computer

Or import from cloud storage

Your CV must be a .doc, .pdf, .docx, .rtf, and no bigger than 1MB

4000 characters left

All questions are required

Are you legally entitled to work in the UK full-time without restriction?

By applying for a job listed on you agree to our terms and conditions and privacy policy. You should never be required to provide bank account details to apply for a job on our site. If you are asked for these by a recruiter, please email us.

Similar jobs

Similar jobs