IBAM Consulting
London, United Kingdom
£650 - £850
16 Aug 2022
18 Aug 2022
Job Function
Industry Sector
Finance - General
Employment Type
Full Time
Primary Responsibilities

The role's responsibilities include, but are not limited to:
- As a Technical Auditor & Subject Matter Expert, lead discussions with Tooling Owners to understand the current state of controls and the optimal configuration needed to ensure compliance is met by adoption; make recommendations, challenge and deep-dive to understand deficiencies / weaknesses, and draft reports, visible to C-Suite Stakeholders, that improve the overall maturity of our tools.
- Working with the Team to stand up and mature the function from Pilot to BAU, including the creation of requirements, processes, documentation and audit outputs/methodologies.
- Analyzing Policy to identify potential gaps and weaknesses and making recommendations to remediate them.
- Engaging with stakeholders, presenting results and converting technical jargon into digestible output.

Mandatory Experience

- Working knowledge of key Technology concepts, e.g., Privileged Access, SDLC, Identity & Access Management, Data Security, Asset Applicability (i.e., Applications / Installed Software / Cloud).
- Understanding of key concepts related to risk assessment, tooling, and controls.
- Technology Audit Experience and facing off to senior stakeholders is essential.
- Process-based thinking to effectively obtain, analyze, and interpret information, identify root causes of problems, and draw the appropriate conclusions.
- Working knowledge of technology applications and the ability to identify and validate risk and controls.
- Understanding of the relevant local technology risk regulations and the associated application to a financial services business.
- Knowledge and application of various risk frameworks (COBIT, NIST, SSAE16, ISO).
Desired Skills

Education, Background & Experience Required
Education: Bachelor's degree
A minimum of 5 years of relevant risk experience from roles in any of the following:
- Audit (internal or external)
- Risk Officer / Information Security Officer
- Technology Risk Governance
- Risk Assessment (e.g., RCSA)
- Control Testing (e.g., SOX)
- Information Security / IT Security (e.g., Entitlements Management, Segregation of Duties, Threat Management, Penetration Testing, Strategy)
- Regulatory (e.g., working as a financial services regulator or having experience dealing with regulators)
- Technology / Information Security Policy / Procedures
- Process/Risk/Control Frameworks, e.g., COBIT
Qualifications Desired
Certifications: Attainment of the following certifications is a strong plus.
- Certified Information Systems Auditor (CISA)
- Certified in Governance for Enterprise IT (CGEIT)
- Certified Internal Auditor
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified in Risk and Information Systems Control (CRISC)
- ISO 27001 Auditor
