Senior IT and Security Auditor

Senior IT and Security Auditor

Internal auditor responsible for leading IT & security audits across the organization, based in London.

Responsibilities

• Lead and execute IT & security audits, across all stages of the audit lifecycle.
• Assess the effectiveness of technology and information security controls, including infrastructure, applications, data and general IT&S processes.
• Identify control gaps and process improvement opportunities, and evaluate compliance with operational, legal, regulatory, and internal policies and procedures.
• Deliver clear, value-added recommendations and partner with business leaders to track and monitor management action plans, ensuring sustainable resolution of control gaps.
• Support advisory projects on new technologies, process improvements, and strategic initiatives.
• Supervise junior auditors assigned to engagements, providing guidance and overall review of deliverables.
• Share technical expertise with members of the Audit Services Group to assist with career development and capabilities for performing advanced technical audit procedures.
• Contribute to the annual audit plan and risk assessment, staying up to date with industry trends, the company’s strategic priorities, and emerging risks.
• Work with colleagues located both locally and in various offices around the world.
• Ensure adherence to all applicable department and company policies, and professional standards.

Qualifications

• Audit and / or consulting experience in most of the following areas:
  • Technical and security control deployment within cloud service provider environments (i.e., Amazon AWS, Google GCP, and Microsoft Azure).
  • Information and data protection for sensitive company data
  • Information security operations, including vulnerability management, penetration testing, centralized log management, customized security monitoring/alerting, threat intelligence practices and security incident response
  • Application security, including secure coding practices, segregation of duties and least privileged access concepts
  • System development, project management and change management
  • Technology infrastructure design, management and operations across various technology platforms (i.e., mainframe, Windows, UNIX/Linux, SQL, Oracle, etc.)
  • Business continuity and technology resiliency
  • System implementations
  • Integration of business process controls with supporting technologies. Business process workflow documentation, including identification of key risks and the corresponding business and technology controls
• Ability to interface with all levels of management and successfully communicate IT security risk and mitigation to a non-technical audience.
• Ability to work in a complex and evolving environment.
• Strong project management and execution skills, including prioritizing tasks, balancing workload, anticipating next steps, and adapting to change.
• Enthusiasm, energy, drive and team collaboration in your daily work.
• Ability to build effective relationships.
• Ability to communicate issues with colleagues and obtain agreement on audit findings and practical recommendations with control owners prior to presentation to management.

Location

London hub.

Benefits

• A competitive salary and benefits.
• Time to support charities and give back to your community.
• Parental leave policy.
• Global recognition platform.
• Virgin Pulse access.
• Global employee assistance program.

#J-18808-Ljbffr…