Technology - Internal Auditor

• Job Description & Summary

   

  PwC’s Operate business delivers large operational and managed service solutions for clients to meet regulatory, risk and compliance challenges. With over 2000  staff deployed on large implementation and execution programmes, Operate brings together top talent with a distinctive mix of knowledge and skills. We support clients in the delivery of large-scale operational programmes and managed solutions.

  We are currently looking for self-motivated and experienced individuals to join our Internal Audit managed services team.  Individuals will have prior experience in performing risk management activities such as; risk assessments, controls testing and exception handling.   We are particularly interested to hear from those individuals with technology audit and/or financial services experience.

   

  You will need to demonstrate technical understanding/experience across the following areas;

  • Knowledge/experience of applying Audit methodologies, processes & practices or the relevant experience in a risk related role.

  • Knowledge/experience of performing Risk Assessments, including the assessment of compensating controls & risk mitigation, ideally with a particular focus on technology environments and/ or financial services industry.

   

  Key Responsibilities:

   

  • Perform client Audits, including the documenting of risk assessments, identification of key risks & mitigating controls.

  • Attend walkthrough sessions with clients and document the relevant processes.

  • Perform design & operational effectiveness testing.

  • Review policy and procedures relating to clients information security standards and apply these to controls testing criteria.

  • Review regulatory requirements relevant to client environments & business practices and apply these to controls testing criteria. 

  • Identify, document and communicate control gaps/deficiencies to internal and

  • external stakeholders on a timely basis.

  • Demonstrate client management skills throughout the Audit lifecycle.

  • Identify process efficiencies/enhancements to keep Audit programs in line with industry best practices.

  • Perform other duties as assigned.

  • Manage a large and diverse portfolio of client work for the firm.

  • Document & Negotiate remediation plans with clients.

  • Maintain open communication channels with senior stakeholders through regular governance sessions, escalating appropriately as and when required.

  • Own the quality of all client outputs and ensure all client and internal document repositories are accurate and up to date

   

  Essential Criteria:

   

  • 2 or more years experience in a professional role involving compliance and/or controls testing.

  • A firm understanding of risk and compliance principles. 

  • A firm understanding of technology security and related risk and compliance issues.

  • Proficiency in the use of Microsoft Excels analytical tools (VLookup, pivot tables etc).

  • Senior stakeholder relationship management.

  • Strong oral & written communication skills.

  • Excellent attention to detail and a passion for delivering high quality output for Clients.

   

  Desirable Criteria:

   

  • ISO27001 Lead Auditor

  • Previous experience in an Internal or External Audit role.

  • A CIA and/or CISA certification.

  • Proficiency in the use of data analytical tools such as Alteryx. 

  • A Degree in Information Technology or related subject or equivalent experience

  • Strong understanding of information security controls & standards such as ISO 27001/2, COBIT and NIST.

   

   

   

   

   

  What’s in it for you?

   

  This is an opportunity to join a growing team, bringing your experience and energy, to make a real difference at a local team level and to our clients. You will join a fun and faced paced environment that can provide you with a long term rewarding and stimulating career.

   

  You will work with a variety of clients across a range of different programmes providing you with the opportunity to see and try new things. 

  
   

  We have a strong culture of business innovation, using technology and process improvement to automate the mundane and repeatable tasks. You will have an opportunity to get involved and work alongside our technology enablement teams to create positive change.

   

  You will benefit from a range of personal development support. This includes having access to our technical training pathways and personal skills training programmes delivered by our dedicated Operate Academy team. You will also have access to our Professional Qualification pathway that includes a wide range of industry recognised qualifications that can support your desired career direction, including; Chartered Information Systems Auditor (CISA), Certified Information Systems Security,Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Risk Information Systems Control (CRISC) and CompTIA Advanced Security Practitioner (CASP).