Information Security Audit and Controls Manager

Recruiter
Stanton House
Location
Yorkshire
Salary
negotiable + benefits
Posted
15 May 2019
Closes
12 Jun 2019
Job Type
Permanent

Information Security Audit and Controls Manager

Company Description

A leading global provider of financial administration solutions. As one of Europe’s leading asset servicing platforms, the company interacts with almost 6m investors, administering and safeguarding £600bn of assets across 10 highly regulated markets.

Job Description

The primary purpose of this role is to ensures compliance with established internal control procedures by examining records, reports, operating practices, documentation, processes, methods, and evidence gathering is in place for Audits events.    Completes audit work papers by documenting audit tests and findings for the Audit Provider, Internal or External and ensuring they are continually managed to a within tolerance level. Where controls do not exist, they are designed and implemented with support from the Information Security Team and Lines of Business areas to provide assurance that gaps are closed.

With the correct controls and frameworks in place, and maintained, this role will coordinate, schedule and face off to all Auditors and Audits providing and collating evidence when requested, from the appropriate control points and liaising with other teams where necessary ensuring a consistent and controlled service is provided;

The role holder will be responsible for creating and maintaining an Audit Evidence Database to facilitate the response to repeat audit and questionnaires.  This will be through targeted research and the accumulation of knowledge and understanding of the Link Group Policies, Procedures, and Standards and compiling the appropriate information into bespoke packages tailored to meet specific audit and other demands. 

They will also be responsible for managing and reporting on the Logical Access Review (LAR) process for movers and movers.  Co-ordinate and support Application owners with a system attestation process. Ensuring that all access requests/amendments and deletions are appropriately documented and authorised and that an audit trail exists for all LAR activities.

The role will play a key part in the continued achievement of ISO27001 certification and in maintaining the controls associated with it, or with other certification as required by all lines of business.

Qualifications

Essential

• Experience of engaging with technical resources and demonstrating a level of understanding required to get technical controls scoped and operational;

• Demonstrable stakeholder management up to senior business leader level;

• Demonstrable Knowledge of IT, financial, operational, and Audit management controls;

• Sound analysis, investigative and problem-solving skills;

• Effective verbal and written communication skills;

• Ability to deliver to strict deadlines in a pressured environment; and

• Meticulous attention to detail.

Desirable

• Experience translating Business Audit and requirements to technical teams;

• Proven IT governance experience;

• Demonstration experience of Concise reporting and management of stakeholders at senior level; and

• The ability to assess situations to determine priority, urgency and associated risks, and then to make clear decisions and recommendations which are timely and protect the organisation from the identified threat or risk.

Apply Now