Description:
Our Clients Internal Controls team is a Group Function and a key part of the companies governance framework and an important component of the ‘second line of defence’. It has a remit across both Group and all divisions / companies and is responsible for the roll out of the SOX workstream, due to recent US listing.
The role requires an individual to support the Director of Internal Controls in ensuring that the IT control environment meets SOX standards. They will report to the IT Audit Manager. The role may require a small amount of travel, up to a maximum of 10%.
Position Description:
- Completing both design adequacy and operating effectiveness testing of the assigned systems / ITGCs in accordance with defined quality standards and deadlines.
- Identify develop and, where applicable, help implement IT General Computing Controls within the organisation.
- Ensuring high standard quality documentation and test scripts are delivered on a consistent and timely basis.
- Communicating and reporting deficiency findings to management.
- Monitoring management’s responses and implementation of agreed remediation plans.
- Ensuring effective business changes are introduced as a result of deficiency findings.
- Liaising with internal and external auditors as required.
- Working with the Director of Internal Controls, Internal Controls IT Manager, internal controls colleagues, InfoSec and Heads of Technology, to improve internal control.
- Building strong professional relationships with peers and management in the business.
ABOUT THE PERSON:
Experience and Qualifications:
- Educated to degree level. Additional IT Audit (CISA) or IT Security (CISM, CISSP) qualifications required.
- Minimum of 2 years audit experience in enterprise environments – previous experience of the gambling sector would be advantageous but is not essential.
- Advanced understanding of IT General Computing Controls (ITGCs).
- Competent knowledge of IT and Information Security operations, policies and procedures in areas Windows Active Directory, Unix/Linux, databases.
- Knowledge of cloud architecture (AWS, GCP or Azure), operational frameworks and security controls would be beneficial.
- Ability to identify issues and associated risks and provide practical solutions to a wide range of Internal Controls issues.
- Proficient in the use of Microsoft Office Word, Excel, PowerPoint.