Job Descriptions

What you'll do

• Support the Tech assurance planning process, attending stakeholder meetings, and providing input into the roadmap;

• Assist in leading the planning, preparation, and completion of assurance reviews across the UKI Technology space, following defined quality standards and timelines.

• Using your understanding of cyber security risk, deliver of a number of end-to-end reviews on emerging risks to identify any areas of weakness through assurance reviews and working with business partners to help identify control weaknesses and provide guidance on control improvement areas.

• Build and maintain a positive relationship with the divisions Technology and wider Group partners to become knowledgeable of their control environment.

• The value of your work will be used by multiple internal teams, both at the group level (e.g., Enterprise Risk, Internal Audit) and within divisions (e.g., CRLO, Directors of Security). This will require that you maintain accurate records of all testing activity that can stand up to scrutiny.

• Analyse large amounts of data to make informed conclusions, implement, and maintain the tests that will provide assurance on tech controls and identify unmanaged risks using the assurance test data.

How you'll do it

• A good understanding of IT general controls (e.g., security, change management, data centre, infrastructure etc.) including proper design and implementation.

• A good level of experience working in Audit, Risk, or a similar role;

• Knowledge of cloud architecture (AWS, GCP or Azure), operational frameworks and security controls;

• CISA, CISM, CISSP qualification or equivalent is desirable;

• Experience in using data analytic tools and techniques is desirable;

Skills

Experience

• 1 year