My client requires a Senior IT Audit Manager for their digital area.
- Provide Management with objective analysis, detailed observations and recommendations relating to key Business risk areas to mitigate the spectrum of risks relating to the achievement of Business Objectives and Plans within P&L / Channel area of responsibility.
- Provide independent, objective assurance that risks are being managed to ensure they are within the risk appetite approved by the Board.
- Support the Audit Director in his / her assessment of the overall risk management environment.
Assisting the IT Audit Director to develop and continuously review a 6-montly risk-based audit plan for IT portfolio aligned to BU strategy.
- Performing and managing the delivery of a portfolio of audits within the area of responsibility in line with agreed audit plan, continuously reviewing to ensure alignment between audit strategy and business strategy.
- Supporting the Audit leadership team in executing a range of continuous improvement, administrative and reporting tasks needed to meet stakeholder requirements.
- Required to have a good working relationship with Audit Directors and other members of the Internal Audit team.
- Portfolio and stakeholder relationship management responsibilities - Key accountabilities include building and sustaining good working relationships with technology stakeholders as part of continuous monitoring and risk assessment activities.
- People/team management responsibilities – Developing and coaching
- Help to construct the annual audit plan in consultation with their colleagues and business line management. Clear articulation of specialist audit and resource needs to deliver the annual audit plan provided to Technical Leads.
- Responsible individually and collectively for the scheduling of the resources of the Audit Plan.
- Manage a portfolio of varied audit assignments to time, quality and budget.
- Leading and supporting audits, discussing audit report and findings with Management to ensure that appropriate responses are obtained for each issue raised in the report. As a lead, reviewing the audit working papers in line with the audit methodology.
In addition to a technology degree, has relevant technical certification in the area of Cloud or Software Engineering. Between 5-8 years relevant technical experience in Cloud or Software Engineering (including DevOps or DecSecOps)
1. Experience in controls, security and management of one or more of the following areas:
- Cloud (PaaS, IaaS and SaaS)
- Software engineering (including agile development), familiarity with DevOps and/or DevSecOps (including containerization, orchestration and CI/CD pipeline), use of APIs in development
- Cybersecurity (NIST framework, security tools)
- Robotics process automation
- Data governance framework
2. Familiar with emerging technologies and associated risks (e.g. artificial intelligence, blockchain, internet of things, robotics)