Cyber Security Auditor in London

My client, an International bank, is looking for a Cyber Security Audit Manager to join their growing team in London.

About the Cyber Security Audit Manager role: An exciting opportunity has become available to join the Group Audit function and the Technology Risk audit team as a Cyber Security Audit Manager. This role provides the opportunity to shape as well as lead audits, harnessing a deep understanding of cyber security and technology risks to deliver high quality independent assurance on the effectiveness of controls.

Responsibilities include:

• Audit Planning: planning a range of cyber security audits, requesting/selecting resources and liaising with stakeholders to discuss and propose scope and timelines.
• Audit Execution: leading and managing audit delivery, delivering audits on time and within budget, ensuring quality of the audit file and coverage of agreed scope, ensuring compliance with audit methodology, and providing progress updates to the Portfolio Lead, Head of Audit and Audit Directors.
• Taking the lead on audit report preparation and agreement with stakeholders.
• Oversee the follow-up and subsequent remediation of audit issues identified.
• Coaching and supporting colleagues.
• Providing SME insights and support across the Audit function.
• Driving personal growth and continuous improvement.

What you’ll need:

• Industry best-practices: Strong technical knowledge and experience of Information, Cyber and Physical Security best practices, threats, risks, frameworks and standards (e.g. NIST, MITRE and ISO27001). Related cyber/information security qualifications valued e.g. Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH).
• Audit and/or risk and controls experience: Practical experience of assessing cyber and technology risks and key controls (e.g. vulnerability management, network security, security operations, identity and access management), documenting appropriate test plans to deliver on audit objectives. Applicants should be able to identify control gaps and clearly articulate these to senior stakeholders.
• Curiosity and interest in new technology: Demonstrable curiosity and understanding of the emerging technologies shaping the risk landscape (inc. AI, Digital Ledger Technology, Quantum).
• Data skills: Experience of data analytics tools and processes, ability to assimilate a range sources of data and complex information to effectively problem solve and draw relevant conclusions.
• Stakeholder management: The ability, skill, and experience to effectively manage senior stakeholder relationships, building credibility and trust.
• Project management: Solid project management skills and a focus on delivery of the audit plan are critical and applicants should be self-starting and proactive.
• Team leadership: Leadership and collaboration skills are key to achieving the Group and function's objectives. Applicants should be comfortable both leading and participating in teams, supporting team members and management to deliver on team and personal goals.

And any experience of these would be really useful:

• Technically proficient, with hands-on technology experience (e.g. security testing, ethical hacking). Ability to use and/or develop technical skills.
• Solid understanding of technology infrastructure, networks, cloud technologies and related architecture and security frameworks.
• Knowledge of software development and software engineering methods, practices, and tools across the software development lifecycle.
• Experience and ability to develop innovative tools to support audit testing and continuous auditing, including the use of AI.

About the job:

• Contract Type: Permanent
• Specialism: Technology & Digital
• Focus: Information Security
• Industry: Banking
• Salary: £80,000 - £99,700 per annum
• Workplace Type: Hybrid
• Experience Level: Senior Management
• Location: London