IT Risk and Audit Manager

Division/Department

Internal Audit, Risk and Operational Resilience

Location

Base location of Holborn Store Support Centre, with a requirement to travel to other locations as required. This will primarily be within the UK.

Reporting to

Internal Audit operates a matrix structure. This means you will have one line manager for your development and report to multiple Senior Risk and Audit Managers for audit delivery.

In a nutshell

Deliver to time and quality a portfolio of internal audits across Sainsbury's Group as per the Audit plan. This role will have responsibility for reviewing all aspects of Information Technology (IT) including infrastructure, application controls, core IT processes, how we work with key technology suppliers and partners as well as emerging technology and change programmes - much more than just IT General Controls.

The IT Internal Auditor will provide management with an independent assessment and assurance related to the adequacy, effectiveness, and sustainability of controls. Own relationships with senior business stakeholders to support them real time in identifying and managing risks and delivering assurance. Support the continuous improvement activities and share external best practise and innovative thinking into our Internal Audit processes and methodologies.

What you need to do

• Build and maintain strong relationships with auditees. This will involve supporting stakeholder owners across Sainsbury's Tech and understanding and monitoring change, for example updating the Auditable Divisional Risk Profile, developing audit proposals and risk maps.
• Act with a good level of judgement during audit and advisory work.
• Use tools available to pull and analyse data to inform audits and provide assurance and advice
• Driving a continual risk focus in the business through supporting the Senior Risk and Audit Manager in facilitating risk workshops and meetings to help management identify, assess and manage key business risks.
• Support the Senior Risk and Audit Manager in developing an ongoing risk-based audit plan.
• Manage workload to lead and deliver multiple audits in a number of divisions to meet time, cost and quality targets across all Sainsbury's sites.
• Develop recommendations and actions that balance both commercial considerations and the risk exposure and control requirements of the business.
• Provide real-time support, challenge and actionable insight to management when developing and implementing new processes including delivering business change projects.
• Contribute to team success through contributing and implementing continuous improvement activities in the team.

IT auditors will primarily carry out audits in their area of specialism. However, if business needs arise, they will conduct some audits in other divisions depending on the audit plan and capacity of the team.

What you need to know :

Essential:

• Demonstrable broad experience or understanding of technology risk and control environments at interview outside of simple IT General Controls.
• Experience of working in / performing audits of complex IT environments, processes and programmes.
• Proven track record in developing strong stakeholder relationships at different seniority levels.
• Excellent communication and interpersonal skills, which includes an ability to explain the impact of technology risks to stakeholders outside of IT.
• Self-starter who requires little or no day-to-day support to manage / prioritise workload.
• Strong analytical and report writing skills.
• Curiosity to learn new skills / knowledge and a commitment to personal development.
• Good understanding of technology, systems and data flows and how these relate to business operations.
• Strong commercial acumen.
• An understanding of the Internal Audit industry.
• Strong time management and project management skills to ensure work is delivered on time, to budget and to the expected quality.
• Prior internal or external audit experience with a track record of leading audits and adapting to change.
• Demonstrable ability to apply sound judgement.
• Experience of auditing / working with Agile teams

Desirable:

• CISA /CISM/CRISC qualified .
• Programme assurance experience.
• Retail/operational experience.
• Risk facilitation experience.
• Forensic/data analytics experience.
• Scrum master/coach experience.
• Experience of deploying agile methodology to deliver audits.

Work-life balance is important to us, so we offer our colleagues as much flexibility as possible in line with the needs of their role. We trust them to decide how, where and when they work, combining remote and collaborative working with a flexible approach to hours, giving them plenty of time and space for life outside of work whilst delivering against our business goals.

#LI-BB1