Senior IT Auditor - Cyber Security - Pen Tester

The Audit and Risk Recruitment Company (ARRC) are recruiting for a Senior Cyber Security Auditor to join a FTSE 100 Tech business in central London.

The purpose of this role is to support the Group in providing risk-based independent assurance of the effectiveness of the Group's internal controls to senior management and the Group Audit and Risk Committee within the area of Cyber Security.

Duties:

• Lead the scoping, planning, delivery and reporting of cyber security audits in the Technology domain across all OpCos in accordance with the Internal Audit methodology.
• Be the subject matter expert within the Technology domain in the areas of cyber security and ethical hacking.
• Perform technical audits on topics such as 5G, cloud, Internet-of-Things (IoT), Blockchain and other emerging technologies.
• Liaise with the business in tracking progress in addressing audit recommendations and confirming their closure.
• Build positive working relationships with security leaders across the organisation to understand issues and identify areas for improvement.
• Support Head of Audit - Technology and teams of peers in delivery of audit plans by providing knowledge and expertise.
• Building, maintaining and indirectly managing a community of cyber auditors across our global business.
• Preparation & delivery of end-to-end Audits in line with Internal Audit Methodology and in this area of specialisation.
• Develop and maintain high quality knowledge base & share best practices
• Operate within a team as well as being active in the wider virtual community

You must have

• CEH, OSCP, SSCP, CISSP, CISM, ISO27001 lead auditor
• CISA, CRISC, ITIL or Cobit (desirable)
• ISO 22301 (desirable)
• Experienced in the area of Cyber Security - either in an implementation, operation or assessment role.
• Technical knowledge on penetration testing, IT/information security/ cyber security standards and frameworks such as ISO27001, NIST CSF and GITC.
• Experience in audit (external and internal) and familiar with Internal Audit standards.
• Industry specific experience with mobile telecoms or related businesses.
• Well-versed in assessing business risks and controls, be able to articulate the risks, and recommend business-focused solutions.
• Strong interpersonal and presentation skills and ability to communicate with all levels of management.
• Ability to work in a fast-paced environment across multinational functional teams and multi-tasking.
• Fluent in English - written and spoken.
• Travel required - around 20%.

It is an ideal opportunity for some who has penetration testing experience and wants to move into Cyber Security governance work. If you are looking for a chance to be at the forefront of Cyber Security then this would be a great career move.