Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join our team to lead IT audits and ensure security compliance.
- Company: We are a leading financial services provider in a highly regulated environment.
- Benefits: Enjoy flexible working options and a supportive team culture.
- Why this job: Make a real impact on security assurance while developing your skills in a dynamic setting.
- Qualifications: ISO27001 Lead Auditor certification and experience in audit roles, preferably from 'Big 4' firms.
- Other info: Opportunity to work on high-profile projects and collaborate with industry experts.
The predicted salary is between 36000 - 60000 £ per year.
We are currently looking for a Security Assurance and Audit specialist with technical and security expertise who has led and performed audit and assurance engagements, specifically relating to ISO27001. This is to join an existing team at our financial services client, in a highly regulated environment.
The role will be to provide expertise and support to various Technology and Security Assurance projects and work on the development and delivery of the 2nd Line Risk Assurance plan. Applicants with a background in "Big 4" Consultancy would be of particular interest.
- Development of the assurance process and framework.
- ISO27001 Lead Auditor certification.
- Perform control testing, control walkthroughs and gathering of evidence from the 1st Line Business team.
- Perform internal risk and control assurance using the assurance methodology to determine control effectiveness, ensuring compliance to internal policies, standards/processes, best practices and industry standard and frameworks.
- Complete documentation of control testing and reporting for senior management review.
- Work with relevant stakeholders in the 1st line team to identify appropriate remedial actions, for issues identified through testing.
- Support the definition of a control library, creation and review of controls ensuring alignment to internal policies and external frameworks e.g. CRI, ISO, NIST, ISAE.
- Perform internal control assessment/audit for SWIFT CSCF, LINK CSB, ISO27001 and IS022301.
- Development of appropriate assurance internal documentation.
- Preparing relevant submissions into risk governance committees.
IT Audit and Security Assurance Specialist employer: I-confidential
Contact Detail:
I-confidential Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT Audit and Security Assurance Specialist
✨Tip Number 1
Familiarise yourself with ISO27001 and its requirements. Understanding the nuances of this standard will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the IT audit and security field, especially those who have experience in financial services. Engaging with them can provide insights into the industry and potentially lead to referrals.
✨Tip Number 3
Stay updated on the latest trends and challenges in IT security and audit. Being knowledgeable about current events and advancements can set you apart during discussions with our team.
✨Tip Number 4
Prepare to discuss your previous experiences with control testing and risk assessments. Be ready to share specific examples that highlight your expertise and how you've contributed to past projects.
We think you need these skills to ace IT Audit and Security Assurance Specialist
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with ISO27001 and any relevant audit engagements. Emphasise your technical skills and any certifications, especially if you have a background in 'Big 4' consultancy.
Craft a Strong Cover Letter: In your cover letter, explain why you're interested in the IT Audit and Security Assurance Specialist role. Mention specific projects or experiences that demonstrate your expertise in security assurance and audit processes.
Showcase Relevant Experience: When detailing your work history, focus on your roles related to risk assurance and control testing. Provide examples of how you've contributed to compliance with internal policies and frameworks like NIST or ISAE.
Highlight Soft Skills: Don't forget to mention your ability to work with stakeholders and communicate findings effectively. This is crucial in a regulated environment, so provide examples of how you've successfully collaborated with teams in the past.
How to prepare for a job interview at I-confidential
✨Showcase Your ISO27001 Knowledge
Make sure to highlight your understanding of ISO27001 during the interview. Be prepared to discuss your experience with the standard, including any audits you've led or participated in, and how you ensured compliance within previous roles.
✨Demonstrate Technical Expertise
Since this role requires technical and security expertise, be ready to talk about specific technologies and methodologies you've used in past audit engagements. Discuss any tools or frameworks you're familiar with, especially those relevant to risk assurance.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in a regulated environment. Think of examples where you've identified control weaknesses and how you proposed remedial actions, as this will show your practical experience.
✨Engage with Stakeholders
Highlight your experience working with various stakeholders, particularly in the 1st line team. Discuss how you've collaborated with them to identify issues and implement solutions, as effective communication is key in this role.
