Internal Audit contributes to the effectiveness of the Company's internal controls by providing independent, risk-based assurance reviews designed to identify control risks, risk mitigants, control gaps, and opportunities to improve efficiency.
The department is responsible for reporting on risks and the control environment across all areas of the business and the support functions to senior management globally and to provide management with reasonable assurance that operating controls are adequate and effective.
- Lead and execute the testing of technology processes as per Audit policies, methodologies, and standards, primarily covering strategic high risk development programs.
- Manage a team of 4 staff members, coach, develop and lead whilst still being active in challenging higher risk audits.
- Work with business audit colleagues and undertake integrated audits providing technology audit coverage of business applications and associated technology controls. This role will have a large focus on applications.
- Communicate effectively with clients and audit team members; interacting effectively with senior stakeholders, Directors and MD’s.
- Take ownership of the projects or other work assigned and ensure that audits are carried out correctly and in a timely manner by yourself or the team.
- Delivering the audit plan and co-ordinate the plan
- Able to take a pragmatic approach based on risk / controls.
- Engage in relevant training regarding audit, technology, businesses, financial controls, regulations.
- Deputise for the Head of technology audit where required.
- Qualified IT Auditor CISA with strong relevant experience in technology audit with exposure to financial services (this can be through Big4 or working directly for a financial services firm)
- Experience of being the Lead auditor on each assignment leading small team, this role will suit someone taking a step up but still looking to be hands on.
- Skilled in conducting detailed technology audit reviews: collecting and analysing complex data, evaluating information and systems, and drawing logical conclusions.
- Very strong communicator, able to deal with very senior stakeholders and also communicate effectively with your team.
- Knowledge detailed experience of application technology controls, general computing controls development environments, user acceptance testing, change management and end user computing controls.
- Knowledge of operating system technology (i.e. Unix and Windows), databases (e.g. SQL & Oracle), Web-based technology, and basic infrastructure control issues. Experience in assessing IT infrastructure control environments in both mainframe and distributed platforms
- Working knowledge of generally accepted IS audit standards, statements and practices, and IS security and control practices (e.g. ITIL, COBIT, FFIEC, ISO27001, Prince). Working knowledge of perimeter and infrastructure security would be advantageous.
- Knowledge of the financial services industry and its regulations and laws would be an asset.
- Experience in supervising application reviews on an integrated basis, and taking responsibility for audits from planning to reporting and issue follow-up.