GKN Automotive is the market leader in conventional, all-wheel and electrified drive systems and solutions. With a comprehensive global footprint, we design, develop, manufacture and integrate an extensive range of driveline technologies for over 90% of the world's car manufacturers. GKN Automotive has a turnover of circa £5 billion and 25,000 employees across 19 countries.
Location
Birmingham, UK
Full-time
Role Purpose
The Security Audit & Assurance Manager plays a pivotal role within the IT Security function at GKN Automotive, serving as the Subject Matter Expert (SME) and primary point of contact for both internal and external IT and Information Security audits. This role demands a high level of audit expertise, with the ideal candidate possessing a demonstrated ability to create and implement comprehensive audit strategies within a global organisation. Experience with international compliance standards is essential.
Key Responsibilities
Develop and implement policies and procedures within the relevant subject areas.
Direct management of one team member (Junior Audit Manager).
Collaborate with and provide support to both internal and external stakeholders to resolve security-related issues.
Manage, maintain, and deliver the annual security audit plan on behalf of the IT Security team.
Lead risk-based audit and assurance activities to assess the effectiveness of IT and information security processes and controls.
Serve as the primary point of contact for external audit parties and provide assurance information as required.
Report and communicate audit outcomes, actions, and areas for improvement to IT Directors, Legal Counsel, the Executive Team, and other relevant functions.
Oversee the reporting of audit outcomes to regulators or customers, subject to approval from legal counsel.
Supervise team members to ensure successful audit delivery.
Provide KPI reporting for areas of responsibility.
Education
Proven experience in a similar role within a large organisation or consultancy.
Strong persuasive, presentation, and report writing skills.
Relevant industry certifications such as Certified Information Systems Auditor (CISA), preferably with a background in finance.
Expertise in Information Security audits and compliance.
Familiarity with Policy & Procedure Audits and Control Maturity.
Comprehensive knowledge of industry security frameworks and standards, including TISAX, ISO 27001/2, CIS, NIS 2, and the UK Corporate Governance Code.
Experience
Extensive experience leading IT and Information Security audits in a global organisation.
Strong understanding of IT systems, information security practices, and IT control frameworks.
Experience in developing and executing IT audit strategies and annual audit plans.
Ability to effectively communicate audit findings to senior management and external clients.
Proven ability to collaborate with IT teams to conduct risk assessments and ensure compliance with IT standards.
Expertise in preparing and presenting detailed reports that document audit processes and results.
Strong ability to maintain open communication with management and audit committees.
Thorough knowledge of relevant legislation and standards in IT and Information Security, and awareness of emerging developments.
Experience in supervising, training, and mentoring IT audit personnel.
Competence in coordinating with external auditors and providing necessary support throughout the audit process.