Technology Risk Internal Audit Cloud Associate Director

Technology Risk Internal Audit Cloud Associate Director

We are looking for a Technology Audit Associate Director to lead and oversee the Cloud assurance service line within our Business Risk Services practice. The role focuses on providing expert insight into Cloud risks, developing new offerings, and supporting our broader growth agenda.

We support flexible working arrangements and consider reduced hours and job shares.

Responsibilities

• Take ownership and lead on allocated assignments and client accounts, exceeding client expectations while managing and developing staff.
• Oversee delivery of technology internal audit / technology risk engagements, manage portfolio of engagements and client relationships, delegating work as required.
• Support and lead business development activities, winning new clients and upselling services to existing clients.
• Lead on planning conversations with clients, preparing draft terms of reference and audit planning documents.
• Provide subject matter expert input into engagements, overseeing fieldwork performed by junior team members and ensuring work meets Grant Thornton methodologies and evidence requirements.
• Oversee and review work of junior members, supporting development and ensuring quality.
• Hold close‑out meetings with clients to ensure understanding of issues and write reports summarising key observations.
• Present reports and findings at Audit Committees and other senior management committees.
• Support development of new technology audit / technology risk service lines and initiatives within BRS, focusing on Cloud assurance.
• Assist with financial management of client relationships, including monitoring WIP, raising invoices, ensuring adequate margin and preparing budgets.
• Lead on developing annual audit plans.

Qualifications

• Professional qualification (e.g., CISA, CCAK, CCSK, CCSP) with post‑qualification experience.
• Experience scoping and delivering technology internal audits and Technology Risk engagements, developing reports and presenting conclusions to senior stakeholders.
• Experience managing internal audits of large companies involving complex technical matters, particularly cloud platforms (IaaS, PaaS, SaaS).
• Strong experience in cloud governance, technical configuration, and cloud‑specific topics such as security, data protection, availability, resilience, disaster recovery, performance, cost management, third‑party management, and change management.
• Experience auditing public (AWS, Azure, Google Cloud) and/or private (VMWare) cloud platforms.
• Knowledge of the Cloud Security Alliance Cloud Controls Matrix, cloud vendor Well‑Architected frameworks, and Agile methodologies.
• Ideally a track record of performing IT audits over DevSecOps / CICD pipelines, including release management, source code management, testing, security, tools and automation.
• Experience delivering technology audit / technology risk across cyber and network security, IT resilience, transformations, strategies, data protection, supplier management.
• Extensive audit software and Microsoft packages experience.
• Experience building extensive active networks across geographical regions and client organisations.
• Proactive approach, with personal goals aligned with the firm’s values.

Equal opportunity employer. We comply with EEO laws.

#J-18808-Ljbffr…