Internal Audit - Tech Risk Services - Assistant Manager

Join us and you'll shape more than just your career

We believe we're best positioned to make a meaningful impact on the economy. Every day, we provide a diverse range of organisations with the kind of business and financial advice it takes to do this. Our ideas and insights empower our clients to make big decisions about the future and unlock sustainable growth. With a relentless focus on quality and integrity, we help businesses, communities and our people to flourish.

Job Description:

Summary

An IT audit assistant manager role with a focus on Cyber Security, Data Protection/Privacy (inc GDPR), IT Strategy, and IT General controls (inc Change Management, Business Continuity & IT Disaster Recovery, and IT Infrastructure & IT asset management).

Main Responsibilities

• You will work as part of the team, effectively providing a hands-on advisory service that exceeds our clients' expectations and allows Grant Thornton to deliver a high-quality audit to clients
• You will have responsibility for the effective completion of engagements, including
  • Assisting with the preparation of draft terms of reference/audit planning documents
  • Providing input into budgets for internal audit reviews
  • Delivering fieldwork, ensuring all work is performed in accordance with GT methodologies, that testing sufficient and appropriate testing has been performed, and evidence to support key decisions has been obtained
  • Reviewing fieldwork of more junior team members and providing oversight of engagements, assisting managers and directors with their client portfolios where necessary
  • Holding close-out meetings with client to ensure that they and the client has a full understanding of issues identified and these are agreed
  • Documenting draft and final internal audit reports, ensuring the written work is of a high standard, is factually correct, recommendations are appropriate and tailored to the needs of the intended audience, and requires minimal manager and Partner input.
  • Monitoring your time on clients and flagging any issues up to your people manager in a timely manner.

Marketing/practice development:

• Assisting with develop new products and services, particularly in relation to IT internal audit and technology risk
• Build and maintains good working relationships with all clients and colleagues
• Read appropriate sector/industry journals, reviews websites, to be aware of current issues and identify development opportunities for new products and services
• Assist with client proposals, presentations, and other business development opportunities as necessary

Personnel

• Ensures familiarity with relevant training and development options to assist staff development
• Clearly articulate and apply the firm's vision and values and encourages others to apply them at work

Other duties:

• Maintains and develops own technical and personal skills, keepings records for CPD purposes, particularly in relation to IT internal audit and technology risk
• Undertakes other duties to meet the demands of the business
• Complies with all relevant policies and procedures

Education / qualifications (essential)

• Professional IT audit qualification (CISA, CISM, CISP, or similar)

Education / qualifications (desirable)

• Cyber security related qualifications
• Other relevant qualifications, including ITIL, COBIT, PRINCE2, ACA, etc...

Skills and experience (essential)

• Strong experience of auditing Cyber Security, Data Protection/Privacy (inc GDPR), IT Strategy, Change Management, Business Continuity & IT Disaster Recovery, IT Infrastructure (including Databases), and IT asset management
• Familiar with auditing Project/Programme Management (inc Agile), Cloud & Virtualisation technologies, IT transformations, Digital, and third-party management arrangements
• Experiencing of testing of IT general and automated SOX controls
• Familiarity with related regulation and frameworks such as Cyber Essentials, NIST, GDPR etc...
• Technical awareness and auditing experience of common operating systems, financial applications, and underlying databases
• Leading IT audit teams and engagements from end-to-end
• Strong communication skills (both written and oral)
• Experience of working with Large Corporates (FTSE 250+)

Skills and experience (desirable)

• UK government SC ('Security Check') clearance
• Experiencing of auditing technology transformation programmes and system implementations
• Performing testing to support Service Attestation Reports such as IASE3402
• Experience with auditing ERPs such as SAP S/4 HANA and Oracle Fusion.
• Portfolio management experience, including ability to manage multiple projects concurrently
• Exposure to reviews of software developments, including various programming / coding languages
• Management experience
• Assisting with developing proposals in response to IT audit tenders and client presentations
• Previous experience of providing IT audit services to industries similar to Grant Thornton's internal audit client base.
• Familiar with using good practice frameworks and regulatory standards, including COBIT, ISO 27001, Cyber Essentials, PRINCE2, and Agile
• Strong personal networking skills Preparing and delivering presentations
• People management and coaching skills
• Interviewing and assessing potential candidates

Do you care about the same things we do?

We have six values we work by. When we meet, we'll want you to show us how they're important to you, too.

Collaboration: We are aligned around a common purpose that unites us in providing the same quality experience for our clients and our people, seamlessly across borders.

Leadership: We are committed to the success of our clients, our people, our profession, and our stakeholders at large, demonstrating leadership at all levels.

Excellence: We are passionate about exceeding expectation and delivering high quality work. We love what we do, and it shows. We sweat the details. We see things through, no matter how tricky.

Agility: The world moves quickly. To keep up, we stay flexible - changing approaches, changing projects, working offline, online, together and alone to get things done.

Respect: A given, of course: we value each other and our clients. We listen, we understand, we care.

Responsibility: The decisions we make and advice we give affects people's lives and livelihoods. We take that seriously and always do well by doing what's right.

Share ideas and profits
Unlike most firms, we're also a shared enterprise. So when the firm does well, everyone does well by taking home a share of the profits. Of course, to get those profits, we need to share ideas and share responsibility for our work, too.

Bring your whole self
Now you've seen our values, it shouldn't be a surprise that we're creating a respectful, open, diverse place to work. Building an inclusive culture, where we value difference and respect our colleagues, is not just the right thing to do, it helps our people to perform at the best of their ability and realise their potential.

"We are committed to making sure that the opportunities within our firm are equally accessible for everyone - regardless of background or gender." Dave Dunckley, CEO

There's more to life than work

Families, children, sports, night classes...the things you do and the people you're with outside work matter. They can inspire, motivate and energise you. Inside the office and out. So if you'd like to work flexibly, let us know. We're happy to look at flexible working options for all our roles, and we'll always do our best to keep your work and life in balance.

#gtro

#LI-MK1