Technology Risk Assistant Manager @ Grant Thornton

London (30 Finsbury Square), United Kingdom

Grant Thornton

Grant Thornton is one of the world's largest professional services networks of independent accounting and consulting member firms which provide assurance, tax and advisory services to privately held businesses, public interest entities, and more.

Grant Thornton UK LLP is part of a global network of independent audit, tax and advisory firms, made up of some 73,000 people in over 150 countries. We're a team of independent thinkers who put quality, inclusion and integrity first. All around the world we bring a different experience to our clients. A better experience. One that delivers the expertise they need in a way that goes beyond. Personal, proactive, and agile. That's Grant Thornton.

Job Description

NEW GROUND WON’T BREAK ITSELF.

Every day our teams help people in businesses and communities to do what is right and achieve their goals.

Grant Thornton's Technology Risk Services team (TRS) provides the advice necessary to help clients manage risk associated with their use of technology. Our professionals can deliver objective, value-added solutions that will enable clients to strengthen internal controls and governance processes, implement sound organisational strategies, increase technological capabilities and improve their operational efficiency.

TRS is part of Grant Thornton's Business Risk Services (‘BRS’) department, who provide internal audit and risk advisory services to the FTSE100/250 and equivalents, international and major charities and not for profit organisations, and central government departments. You will provide tailored, flexible and cost-effective solutions, that provide access to industry best practice methodology, value add insights and subject matter experts.

We’re happy to talk flexible working and consider reduced hours and job shares, we’ll support you to balance your work and life.

A look into the role

As a Technology Risk Services Assistant Manager within our Business Risk Services team practice, you will:

• Take ownership of allocated assignments.
• Assist with the preparation of draft terms of reference/audit planning documents and provide input into budgets for technology risk internal audit reviews.
• Deliver fieldwork, ensuring all work is performed in accordance with GT methodologies, appropriate testing has been performed, and evidence to support key decisions has been obtained.
• Support in close-out meetings with clients to ensure they have a full understanding of issues identified and these are agreed.
• Document draft and final internal audit reports, providing appropriate recommendations which are tailored to the needs of the intended audience with minimal Manager and Partner input.
• Assist with client proposals, presentations, and other business development opportunities as necessary.

Knowing you’re right for us

Joining us as a Technology Risk Services Assistant Manager, the minimum criteria you’ll need is a relevant professional IT audit qualification (typically CISA, CISM, CISP or similar) and experience in tech risk UK internal auditing. It would be great if you had some of the following skills, but don’t worry if you don’t tick every box, we’ll help you develop along the way.

• Experience of scoping, delivering, and reporting on technology internal audits.
• Experience in assessing and testing technical security controls in areas such as firewalls, cloud configurations, network monitoring and antimalware solutions.
• Experience of auditing public (such as AWS Azure and Google Cloud) and private (such as VMWare) cloud platforms.
• Experience with auditing ERPs such as SAP S/4 HANA and Oracle Fusion.
• Experience of auditing areas such as Data Protection/Privacy (inc GDPR), IT Strategy, Change Management, Business Continuity & IT Disaster Recovery, IT Infrastructure (including Databases), and IT asset management.
• Experience of testing of IT general (ITGCs) and automated IT controls to support SOX audits or Service Attestation Reports (such as IASE3402 etc).
• Some experience of auditing technology transformation programmes and system implementations.
• Experience of using audit software and Microsoft packages.
• Familiarity with related regulation and frameworks such as Cyber Essentials, NIST, GDPR etc would also be helpful.
• Strong communication skills (both written and oral) and experience of writing IT internal audit reports will be key.

Knowing we’re right for you

Embracing uniqueness, the culture at Grant Thornton thrives on the contributions of all our people, we never settle for what is easy, we look beyond to deliver the right thing, for everyone. Building an inclusive culture, where we value difference and respect our colleagues helps our people to perform at the best of their ability and realise their potential.

Our open and accessible culture means you’ll interact with leaders who are interested in you and everything you bring to our firm. The things that set you apart, we value them. That’s why we give you the freedom to bring your whole self to work and pursue your passions inside and outside of work.

Beyond the job

Life is more than work. The things you do, and the people you’re with outside of work matter, that’s why we’re happy to look at flexible working options for all our roles, and we’ll always do our best to keep your work and life in balance.

The impact you can make here will go far beyond your day job. From secondments, to fundraising for local charities, or investing in entrepreneurs in the developing world, you’ll be giving back to society. It’s that drive to do the right thing that runs through our every move, grounded in our firm’s values – purposefully driven, actively curious and candid but kind.

We’re looking for people who want to contribute, spark fresh ideas and go beyond expectations. People who want to be able to proudly do what’s right, for the firm, our clients, our people and themselves. It’s how it should be.

#LI-ME1